Apple Issues Security Update to Fix ‘Baron Samedit’ Sudo Bug

Apple issued security updates for multiple versions of macOS on Wednesday. Among other flaws, they fix the sudo flaw known as Baron Samedit. The updates are macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, and macOS Mojave 10.14.6 Security Update 2021-002.

Mac Security Update

Three flaws have been fixed:

Intel Graphics Driver

  • Available for: macOS Big Sur 11.2, macOS Catalina 10.15.7
  • Impact: An application may be able to execute arbitrary code with kernel privileges
  • Description: An out-of-bounds write was addressed with improved input validation.
  • CVE-2021-1805: ABC Research s.r.o. working with Trend Micro Zero Day Initiative

Intel Graphics Driver

  • Available for: macOS Big Sur 11.2, macOS Catalina 10.15.7
  • Impact: An application may be able to execute arbitrary code with kernel privileges
  • Description: A race condition was addressed with additional validation.
  • CVE-2021-1806: ABC Research s.r.o. working with Trend Micro Zero Day Initiative

Sudo

  • Available for: macOS Big Sur 11.2, macOS Catalina 10.15.7, macOS Mojave 10.14.6
  • Impact: A local attacker may be able to elevate their privileges
  • Description: This issue was addressed by updating to sudo version 1.9.5p2.
  • CVE-2021-3156: Qualys

After installing this update, the build number for macOS Catalina 10.15.7 is 19H524.
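
To confirm that the sudo fix is in place, the version reported by `sudo -V` can be compared against 1.9.5p2, taking the `pN` patch suffix into account. The script below is an added example, not part of Apple's advisory; the function names and the sample version strings are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: is a sudo version string at or above the fixed release
# named in the advisory (1.9.5p2)? Function names are hypothetical.
FIXED_SUDO="1.9.5p2"

# "1.9.5p2" -> "1 9 5 2"; a missing patch level counts as 0.
# Returns 1 for strings it cannot parse, such as beta builds.
normalize() {
    v=$(printf '%s\n' "$1" |
        sed -n -E 's/^([0-9]+)\.([0-9]+)\.([0-9]+)(p([0-9]+))?$/\1 \2 \3 \5/p')
    [ -n "$v" ] || return 1
    set -- $v
    printf '%s %s %s %s\n' "$1" "$2" "$3" "${4:-0}"
}

# Exit status: 0 = fixed version or later, 1 = older, 2 = unparseable.
sudo_is_patched() {
    have=$(normalize "$1") || return 2
    want=$(normalize "$FIXED_SUDO") || return 2
    set -- $have $want      # $1-$4 installed, $5-$8 fixed
    if [ "$1" -ne "$5" ]; then [ "$1" -gt "$5" ]; return; fi
    if [ "$2" -ne "$6" ]; then [ "$2" -gt "$6" ]; return; fi
    if [ "$3" -ne "$7" ]; then [ "$3" -gt "$7" ]; return; fi
    [ "$4" -ge "$8" ]
}

# Constructed sample version strings, not captured from real hosts.
# On a live Mac, pass "$(sudo -V | awk 'NR==1 {print $3}')" instead.
for ver in 1.8.31 1.9.5p1 1.9.5p2 1.9.6 1.9.5b1; do
    rc=0
    sudo_is_patched "$ver" || rc=$?
    case $rc in
        0) echo "$ver: patched (>= $FIXED_SUDO)" ;;
        1) echo "$ver: older than $FIXED_SUDO, update needed" ;;
        *) echo "$ver: unrecognized version format" ;;
    esac
done
```

A version string is evidence of the fix only where the vendor ships the upstream release, as the advisory states Apple did with 1.9.5p2.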
