About the security content of macOS Monterey 12.0.1

This document describes the security content of macOS Monterey 12.0.1.

About Apple security updates

For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page.

Apple security documents reference vulnerabilities by CVE-ID when possible.

For more information about security, see the Apple Product Security page.

macOS Monterey 12.0.1

Released October 25, 2021

AppKit

Available for: Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)

Impact: A malicious application may be able to elevate privileges

Description: A logic issue was addressed with improved state management.

CVE-2021-30873: Thijs Alkemade of Computest

AppleScript

Impact: Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory

Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2021-30876: Jeremy Brown, hjy79425575

CVE-2021-30879: Jeremy Brown, hjy79425575

CVE-2021-30877: Jeremy Brown

CVE-2021-30880: Jeremy Brown

App Store

Impact: A malicious application may be able to access local users' Apple IDs

Description: An access issue was addressed with improved access restrictions.

CVE-2021-30994: Sergii Kryvoblotskyi of MacPaw Inc.

Entry added May 25, 2022

Audio

Impact: A malicious application may be able to elevate privileges

Description: An integer overflow was addressed through improved input validation.

CVE-2021-30907: Zweig of Kunlun Lab

Bluetooth

Impact: A malicious application may be able to execute arbitrary code with kernel privileges

Description: A race condition was addressed with improved state handling.

CVE-2021-30899: Weiteng Chen, Zheng Zhang, and Zhiyun Qian of UC Riverside, and Yu Wang of Didi Research America

Bluetooth

Impact: A malicious application may be able to disclose kernel memory

Description: A logic issue was addressed with improved validation.

CVE-2021-30931: Weiteng Chen, Zheng Zhang, and Zhiyun Qian of UC Riverside, and Yu Wang of Didi Research America

Entry added November 18, 2021

bootp

Impact: A device may be passively tracked by its WiFi MAC address

Description: A user privacy issue was addressed by removing the broadcast MAC address.

CVE-2021-30866: Fabien Duchêne of UCLouvain (Belgium)

Entry added November 18, 2021

ColorSync

Impact: Processing a maliciously crafted image may lead to arbitrary code execution

Description: A memory corruption issue existed in the processing of ICC profiles. This issue was addressed with improved input validation.

CVE-2021-30917: Alexandru-Vlad Niculae and Mateusz Jurczyk of Google Project Zero

Continuity Camera

Impact: A local attacker may be able to cause unexpected application termination or arbitrary code execution

Description: An uncontrolled format string issue was addressed with improved input validation.

CVE-2021-30903: an anonymous researcher

Entry updated May 25, 2022

CoreAudio

Impact: Processing a maliciously crafted file may disclose user information

Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2021-30905: Mickey Jin (@patch1t) of Trend Micro

CoreGraphics

Impact: Processing a maliciously crafted PDF may lead to arbitrary code execution

Description: An out-of-bounds write was addressed with improved input validation.

CVE-2021-30919

Directory Utility

Impact: A malicious application may be able to access local users' Apple IDs

Description: A logic issue was addressed with improved state management.

CVE-2020-9846: Wojciech Reguła (@_r3ggi)

Entry added March 31, 2022

FileProvider

Impact: Unpacking a maliciously crafted archive may lead to arbitrary code execution

Description: An input validation issue was addressed with improved memory handling.

CVE-2021-30881: Simon Huang (@HuangShaomang) and pjf of IceSword Lab of Qihoo 360

File System

Impact: A malicious application may be able to execute arbitrary code with kernel privileges

Description: A race condition was addressed with improved locking.

CVE-2021-30923: Pan ZhenPeng (@Peterpan0927) of Alibaba Security

Entry added November 18, 2021

FontParser

Impact: Processing a maliciously crafted font may result in the disclosure of process memory

Description: An out-of-bounds read was addressed with improved input validation.

CVE-2021-30831: Xingwei Lin of Ant Security Light-Year Lab

Entry added November 18, 2021

FontParser

Impact: Processing a maliciously crafted dfont file may lead to arbitrary code execution

Description: This issue was addressed with improved checks.

CVE-2021-30840: Xingwei Lin of Ant Security Light-Year Lab

Entry added November 18, 2021

Foundation

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: A type confusion issue was addressed with improved memory handling.

CVE-2021-30852: Yinyi Wu (@3ndy1) of Ant Security Light-Year Lab

Entry added November 18, 2021

Game Center

Impact: A malicious application may be able to access information about a user's contacts

Description: A logic issue was addressed with improved restrictions.

CVE-2021-30895: Denis Tokarev

Game Center

Impact: A malicious application may be able to read user's gameplay data

Description: A logic issue was addressed with improved restrictions.

CVE-2021-30896: Denis Tokarev

Graphics Drivers

Impact: A malicious application may be able to execute arbitrary code with kernel privileges

Description: A race condition was addressed with improved state handling.

CVE-2021-30933: Jack Dates of RET2 Systems, Inc.

Entry added March 31, 2022

iCloud

Impact: A local attacker may be able to elevate their privileges

Description: This issue was addressed with improved checks.

CVE-2021-30906: Cees Elzinga

iCloud Photo Library

Impact: A malicious application may be able to access photo metadata without needing permission to access photos

Description: The issue was addressed with improved authentication.

CVE-2021-30867: Csaba Fitzl (@theevilbit) of Offensive Security

Entry added November 18, 2021

ImageIO

Impact: Processing a maliciously crafted image may lead to arbitrary code execution

Description: A memory corruption issue was addressed with improved input validation.

CVE-2021-30814: hjy79425575

Entry added November 18, 2021

Intel Graphics Driver

Impact: A malicious application may be able to execute arbitrary code with kernel privileges

Description: Multiple out-of-bounds write issues were addressed with improved bounds checking.

CVE-2021-30922: Jack Dates of RET2 Systems, Inc., Yinyi Wu (@3ndy1)

Entry added March 31, 2022

Intel Graphics Driver

Impact: A malicious application may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed with improved state management.

CVE-2021-30824: Antonio Zekic (@antoniozekic) of Diverto

Intel Graphics Driver

Impact: A malicious application may be able to execute arbitrary code with kernel privileges

Description: Multiple out-of-bounds write issues were addressed with improved bounds checking.

CVE-2021-30901: Zuozhi Fan (@pattern_F_) of Ant Security TianQiong Lab, Yinyi Wu (@3ndy1) of Ant Security Light-Year Lab, Jack Dates of RET2 Systems, Inc.

IOGraphics

Impact: A malicious application may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2021-30821: Tim Michaud (@TimGMichaud) of Zoom Video Communications

IOMobileFrameBuffer

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2021-30883: an anonymous researcher

Kernel

Impact: A remote attacker can cause a device to unexpectedly restart

Description: A denial of service issue was addressed with improved state handling.

CVE-2021-30924: Elaman Iskakov (@darling_x0r) of Effective and Alexey Katkov (@watman27)

Entry added November 18, 2021

Kernel

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A use after free issue was addressed with improved memory management.

CVE-2021-30886: @0xalsr

Kernel

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2021-30909: Zweig of Kunlun Lab

Kernel

Impact: A malicious application may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2021-30916: Zweig of Kunlun Lab

LaunchServices

Impact: A sandboxed process may be able to circumvent sandbox restrictions

Description: A logic issue was addressed with improved state management.

CVE-2021-30864: Ron Hass (@ronhass7) of Perception Point

Login Window

Impact: A person with access to a host Mac may be able to bypass the Login Window in Remote Desktop for a locked instance of macOS

Description: A logic issue was addressed with improved checks.

CVE-2021-30813: Benjamin Berger of BBetterTech LLC, Peter Goedtkindt of Informatique-MTF S.A., an anonymous researcher

Entry updated May 25, 2022

Managed Configuration

Impact: A user in a privileged network position may be able to leak sensitive user information

Description: A logic issue was addressed with improved state management.

CVE-2021-31011: Michal Moravec of Logicworks, s.r.o.

Entry added September 16, 2022

Messages

Impact: A user's messages may continue to sync after the user has signed out of iMessage

Description: A sync issue was addressed with improved state validation.

CVE-2021-30904: Reed Meseck of IBM

Entry added November 18, 2021

Model I/O

Impact: Processing a maliciously crafted file may disclose user information

Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2021-30910: Mickey Jin (@patch1t) of Trend Micro

Model I/O

Impact: Processing a maliciously crafted USD file may disclose memory contents

Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2021-30911: Rui Yang and Xingwei Lin of Ant Security Light-Year Lab

NetworkExtension

Impact: A VPN configuration may be installed by an app without user permission

Description: An authorization issue was addressed with improved state management.

CVE-2021-30874: Javier Vieira Boccardo (linkedin.com/javier-vieira-boccardo)

Entry added November 18, 2021

Sandbox

Impact: A malicious application may be able to modify protected parts of the file system

Description: This issue was addressed with improved checks.

CVE-2021-30808: Csaba Fitzl (@theevilbit) of Offensive Security

Entry added November 18, 2021

Sandbox

Impact: A local attacker may be able to read sensitive information

Description: A permissions issue was addressed with improved validation.

CVE-2021-30920: Csaba Fitzl (@theevilbit) of Offensive Security

Security

Impact: An application may be able to gain elevated privileges

Description: A race condition was addressed with improved locking.

CVE-2021-31004: Csaba Fitzl (@theevilbit) of Offensive Security

Entry added March 31, 2022

SMB

Impact: A malicious application may be able to execute arbitrary code with system privileges

Description: An out-of-bounds read was addressed with improved input validation.

CVE-2021-31002: Peter Nguyễn Vũ Hoàng of STAR Labs

Entry added September 16, 2022

SMB

Impact: A malicious application may be able to execute arbitrary code with kernel privileges

Description: A race condition was addressed with improved locking.

CVE-2021-30868: Peter Nguyen Vu Hoang of STAR Labs

SoftwareUpdate

Impact: A malicious application may gain access to a user's Keychain items

Description: The issue was addressed with improved permissions logic.

CVE-2021-30912: Kirin (@Pwnrin) and chenyuwang (@mzzzz__) of Tencent Security Xuanwu Lab

SoftwareUpdate

Impact: An unprivileged application may be able to edit NVRAM variables

Description: A logic issue was addressed with improved restrictions.

CVE-2021-30913: Kirin (@Pwnrin) and chenyuwang (@mzzzz__) of Tencent Security Xuanwu Lab

Entry updated May 25, 2022

UIKit

Impact: A person with physical access to a device may be determine characteristics of a user's password in a secure text entry field

Description: A logic issue was addressed with improved state management.

CVE-2021-30915: Kostas Angelopoulos

WebKit

Impact: Turning off "Block all remote content" may not apply to all remote content types

Description: A logic issue was addressed with improved state management.

CVE-2021-31005: Jonathan Austin of Wells Fargo, Attila Soki

Entry added March 31, 2022

WebKit

Impact: Processing maliciously crafted web content may lead to code execution

Description: A type confusion issue was addressed with improved memory handling.

CVE-2021-31008

Entry added March 31, 2022

WebKit

Impact: A malicious website may exfiltrate data cross-origin

Description: An issue existed in the specification for the resource timing API. The specification was updated and the updated specification was implemented.

CVE-2021-30897: an anonymous researcher

Entry added November 18, 2021

WebKit

Impact: Visiting a maliciously crafted website may reveal a user's browsing history

Description: The issue was resolved with additional restrictions on CSS compositing.

CVE-2021-30884: an anonymous researcher

Entry added November 18, 2021

WebKit

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: A type confusion issue was addressed with improved state handling.

CVE-2021-30818: Amar Menezes (@amarekano) of Zon8Research

Entry added November 18, 2021

WebKit

Impact: Processing a maliciously crafted audio file may disclose restricted memory

Description: An out-of-bounds read was addressed with improved input validation.

CVE-2021-30836: Peter Nguyen Vu Hoang of STAR Labs

Entry added November 18, 2021

WebKit

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2021-30846: Sergei Glazunov of Google Project Zero

Entry added November 18, 2021

WebKit

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: Multiple memory corruption issues were addressed with improved memory handling.

CVE-2021-30849: Sergei Glazunov of Google Project Zero

Entry added November 18, 2021

WebKit

Impact: Processing maliciously crafted web content may lead to code execution

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2021-30848: Sergei Glazunov of Google Project Zero

Entry added November 18, 2021

WebKit

Impact: Processing maliciously crafted web content may lead to code execution

Description: A memory corruption vulnerability was addressed with improved locking.

CVE-2021-30851: Samuel Groß of Google Project Zero

Entry added November 18, 2021

WebKit

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: A use after free issue was addressed with improved memory management.

CVE-2021-30809: an anonymous researcher

Entry added November 18, 2021

WebKit

Impact: An attacker in a privileged network position may be able to bypass HSTS

Description: A logic issue was addressed with improved restrictions.

CVE-2021-30823: David Gullasch of Recurity Labs

WebKit

Impact: Processing maliciously crafted web content may lead to unexpectedly unenforced Content Security Policy

Description: A logic issue was addressed with improved restrictions.

CVE-2021-30887: Narendra Bhati (@imnarendrabhati) of Suma Soft Pvt. Ltd.

WebKit

Impact: A malicious website using Content Security Policy reports may be able to leak information via redirect behavior

Description: An information leakage issue was addressed.

CVE-2021-30888: Prakash (@1lastBr3ath)

WebKit

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: A buffer overflow issue was addressed with improved memory handling.

CVE-2021-30889: Chijin Zhou of ShuiMuYuLin Ltd and Tsinghua wingtecher lab

WebKit

Impact: A malicious application may bypass Gatekeeper checks

Description: A logic issue was addressed with improved state management.

CVE-2021-30861: Wojciech Reguła (@_r3ggi), Ryan Pickren (ryanpickren.com)

WebKit

Impact: Processing maliciously crafted web content may lead to universal cross site scripting

Description: A logic issue was addressed with improved state management.

CVE-2021-30890: an anonymous researcher

WebRTC

Impact: An attacker may be able to track users through their IP address

Description: A logic issue was addressed with improved state management.

CVE-2021-30930: Oguz Kırat, Matthias Keller (m-keller.com)

Entry added November 18, 2021, updated September 16, 2022

Windows Server

Impact: A local attacker may be able to view the previous logged in user’s desktop from the fast user switching screen

Description: An authentication issue was addressed with improved state management.

CVE-2021-30908: ASentientBot

xar

Impact: Unpacking a maliciously crafted archive may allow an attacker to write arbitrary files

Description: This issue was addressed with improved checks.

CVE-2021-30833: Richard Warren of NCC Group

zsh

Impact: A malicious application may be able to modify protected parts of the file system

Description: An inherited permissions issue was addressed with additional restrictions.

CVE-2021-30892: Jonathan Bar Or of Microsoft

Additional recognition

APFS

We would like to acknowledge Koh M. Nakagawa of FFRI Security, Inc. for their assistance.

AppleScript

We would like to acknowledge Jeremy Brown for their assistance.

Entry added March 31, 2022

App Support

We would like to acknowledge an anonymous researcher, 漂亮鼠 of 赛博回忆录 for their assistance.

Bluetooth

We would like to acknowledge say2 of ENKI for their assistance.

bootp

We would like to acknowledge Alexander Burke (alexburke.ca) for their assistance.

Entry added March 31, 2022

CUPS

We would like to acknowledge Nathan Nye of WhiteBeam Security for their assistance.

Entry updated March 31, 2022

iCloud

We would like to acknowledge Ryan Pickren (ryanpickren.com) for their assistance.

Kernel

We would like to acknowledge Anthony Steinhauser of Google's Safeside project, and Joshua Baums of Informatik Baums for their assistance.

Entry updated November 18, 2021

Mail

We would like to acknowledge Fabian Ising and Damian Poddebniak of Münster University of Applied Sciences for their assistance.

Managed Configuration

We would like to acknowledge Michal Moravec of Logicworks, s.r.o. for their assistance.

Setup Assistant

We would like to acknowledge David Schütz (@xdavidhu) for their assistance.

Entry added November 18, 2021

smbx

We would like to acknowledge Zhongcheng Li (CK01) for their assistance.

UIKit

We would like to acknowledge Jason Rendel of Diligent for their assistance.

Entry added November 18, 2021

WebKit

We would like to acknowledge Ivan Fratric of Google Project Zero, Pavel Gromadchuk, Nikhil Mittal (@c0d3G33k), and Matthias Keller (m-keller.com) for their assistance.

Entry updated May 25, 2022

Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. Contact the vendor for additional information.

Published Date: November 03, 2023