PT-2021-18909 · Apple+8 · Safari+13

Sergei Glazunov

·

Published

2021-09-20

·

Updated

2022-05-10

·

CVE-2021-30846

CVSS v3.1

8.8

High

VectorAV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions iOS versions prior to 14.8 iPadOS versions prior to 14.8 Safari versions prior to 15 tvOS versions prior to 15 iOS versions prior to 15 iPadOS versions prior to 15 watchOS versions prior to 8
Description A memory corruption issue was addressed with improved memory handling. Processing maliciously crafted web content may lead to arbitrary code execution.
Recommendations For iOS versions prior to 14.8, update to iOS 14.8 or later. For iPadOS versions prior to 14.8, update to iPadOS 14.8 or later. For Safari versions prior to 15, update to Safari 15 or later. For tvOS versions prior to 15, update to tvOS 15 or later. For iOS versions prior to 15, update to iOS 15 or later. For iPadOS versions prior to 15, update to iPadOS 15 or later. For watchOS versions prior to 8, update to watchOS 8 or later.

Exploit

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

ALSA-2022:1777
CESA-2022_1777
CVE-2021-30846
DSA-4995-1
DSA-4996-1
MGASA-2021-0498
OPENSUSE-SU-2021:1557-1
OPENSUSE-SU-2021:3874-1
OPENSUSE-SU-2021_1557-1
OPENSUSE-SU-2021_3874-1
OPENSUSE-SU-2022:0182-1
OPENSUSE-SU-2022_0182-1
OPENSUSE-SU-2022_0182-2
RHSA-2022:1777
RHSA-2022_1777
RHSA-2025:10364
RLSA-2022:1777
SUSE-SU-2021:3769-1
SUSE-SU-2021:3861-1
SUSE-SU-2021:3874-1
SUSE-SU-2021_3769-1
SUSE-SU-2021_3861-1
SUSE-SU-2021_3874-1
SUSE-SU-2022:0142-1
SUSE-SU-2022:0182-1
SUSE-SU-2022:0182-2
SUSE-SU-2022:0183-1
USN-5127-1

Affected Products

Almalinux
Astra Linux
Centos
Linuxmint
Apple Macos
Red Hat
Rocky Linux
Safari
Suse
Ubuntu
Ios
Ipados
Tvos
Watchos