CVE-2021-30724: 
macOS vulnerability analysis and mitigation

CVE-2021-30724 is a vulnerability discovered in Apple's Core Virtual Machine Server (CVMServer) affecting macOS, iOS, and iPadOS systems. The vulnerability was disclosed and patched in May 2021 through various system updates including tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, and watchOS 7.5 (Apple Security).

The vulnerability exists in the CVMServer, which is an XPC service and system daemon that runs with root privileges to handle XPC requests. The issue is triggered by an integer overflow leading to an out-of-bounds memory access in the XPC request message handler, specifically when processing a request to build an element using OpenCL source code. The vulnerability occurs when the mapped length value is less than the beginOffset value, resulting in an integer overflow that bypasses security checks (Trend Micro).

If exploited, this vulnerability allows a local attacker to elevate their privileges on the system. The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (HIGH) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (NVD).

Apple has addressed this vulnerability by adding improved checks in the affected systems. Users should update to the following versions: tvOS 14.6, iOS 14.6 and iPadOS 14.6, macOS Big Sur 11.4, Security Update 2021-004 Mojave, Security Update 2021-003 Catalina, or watchOS 7.5. These updates contain the necessary patches to prevent exploitation of this vulnerability (Apple Security).