CVE-2021-30979

Name of the Vulnerable Software and Affected Versions macOS versions prior to 12.1 iOS versions prior to 15.2 iPadOS versions prior to 15.2 macOS Big Sur versions prior to 11.6.2 macOS Catalina versions prior to Security Update 2021-008

Description A buffer overflow issue was addressed with improved memory handling. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution. The vulnerability is related to the Model I/O component and is caused by a lack of input size validation, allowing an attacker to execute arbitrary code or cause a denial of service with a specially crafted malicious USD file.

Recommendations For macOS versions prior to 12.1, update to macOS Monterey 12.1 or later. For iOS versions prior to 15.2, update to iOS 15.2 or later. For iPadOS versions prior to 15.2, update to iPadOS 15.2 or later. For macOS Big Sur versions prior to 11.6.2, update to macOS Big Sur 11.6.2 or later. For macOS Catalina versions prior to Security Update 2021-008, apply Security Update 2021-008 or later.