A remote attacker may be able to cause arbitrary code execution.
This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution.Īn out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4.
Processing a maliciously crafted image may lead to heap corruption.Ī buffer overflow was addressed with improved bounds checking. This issue was addressed with improved checks. An application may be able to execute arbitrary code with kernel privileges. This issue is fixed in macOS Big Sur 11.0.1, tvOS 14.0, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.0, iOS 14.0 and iPadOS 14.0. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.Ī use after free issue was addressed with improved memory management. A remote attacker may be able to cause arbitrary code execution.Ī logic issue was addressed with improved state management. This issue is fixed in iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution.Īn out-of-bounds write was addressed with improved input validation. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.Īn out-of-bounds read was addressed with improved input validation.
Patch information is provided when available. This information may include identifying information, values, definitions, and related links.