CVE-2021-30979: 
macOS vulnerability analysis and mitigation

CVE-2021-30979 is a buffer overflow vulnerability discovered in Apple's ModelIO framework that was fixed in December 2021 with the release of macOS Monterey 12.1, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2, and Security Update 2021-008 Catalina. The vulnerability was discovered by Mickey Jin (@patch1t) of Trend Micro (Apple Support, NVD).

The vulnerability exists within the ModelIO framework and involves a buffer overflow issue in the processing of USD files. The issue received a CVSS v3.1 base score of 7.8 (HIGH) with the vector string CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. The vulnerability is classified as CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'). The flaw specifically occurs when processing maliciously crafted USD files, which can trigger an overflow of a heap-based buffer (ZDI Advisory, NVD).

If successfully exploited, this vulnerability could lead to unexpected application termination or arbitrary code execution in the context of the current process. An attacker could potentially execute malicious code with the privileges of the affected application (ZDI Advisory, Apple Support).

Apple addressed this vulnerability by improving memory handling in the affected systems. The fix was released in macOS Monterey 12.1, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2, and Security Update 2021-008 Catalina. Users are advised to update to these versions or later to protect against this vulnerability (Apple Support).