Apple Issues Security Update to Fix ‘Baron Samedit’ Sudo Bug

Apple has issued security updates for multiple version of macOS on Wednesday. Among other flaws, it fixes the sudo flaw known as Baron Samedit. The update is for macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, and macOS Mojave 10.14.6 Security Update 2021-002.
Mac Security Update
Three flaws have been fixed:
Intel Graphics Driver

Available for: macOS Big Sur 11.2, macOS Catalina 10.15.7
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: An out-of-bounds write was addressed with improved input validation.
CVE-2021-1805: ABC Research s.r.o. working with Trend Micro Zero Day Initiative

Intel Graphics Driver

Available for: macOS Big Sur 11.2, macOS Catalina 10.15.7
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A race condition was addressed with additional validation.
CVE-2021-1806: ABC Research s.r.o. working with Trend Micro Zero Day Initiative

Sudo

Available for: macOS Big Sur 11.2, macOS Catalina 10.15.7, macOS Mojave 10.14.6
Impact: A local attacker may be able to elevate their privileges
Description: This issue was addressed by updating to sudo version 1.9.5p2.
CVE-2021-3156: Qualys

After installing this update, the build number for macOS Catalina 10.15.7 is 19H524.
Tags: Mac, Security, terminal