PT-2021-18837 · Apple · Apple Macos+1

Csaba Fitzl

Published

2021-05-24

Updated

2021-09-22

CVE-2021-30738

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions macOS versions prior to 11.4 Security Update versions prior to 2021-004 Mojave

Description A malicious application may be able to overwrite arbitrary files due to an issue with path validation logic for hardlinks. This issue was addressed with improved path sanitization.

Recommendations For macOS versions prior to 11.4, update to macOS Big Sur 11.4 or later to resolve the issue. For Security Update versions prior to 2021-004 Mojave, apply Security Update 2021-004 Mojave or later to fix the problem.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2021-30738

Affected Products

Apple Macos

Security Update

PT-2021-18837 · Apple · Apple Macos+1

CVE-2021-30738

Related Identifiers

Affected Products

References · 6