PT-2021-2816 · Apple+5 · Apple Macos+9

Zhunki

Published

2020-11-23

Updated

2024-06-15

CVE-2021-1817

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 11.3 iOS versions prior to 14.5 iPadOS versions prior to 14.5 watchOS versions prior to 7.4 tvOS versions prior to 14.5

Description: The issue is related to a memory corruption problem due to a buffer overflow in the WebKitGTK module. This can be exploited by a remote attacker using a specially crafted malicious web page, potentially leading to arbitrary code execution. The problem was addressed with improved state management.

Recommendations: For macOS versions prior to 11.3, update to macOS Big Sur 11.3 or later. For iOS versions prior to 14.5, update to iOS 14.5 or later. For iPadOS versions prior to 14.5, update to iPadOS 14.5 or later. For watchOS versions prior to 7.4, update to watchOS 7.4 or later. For tvOS versions prior to 14.5, update to tvOS 14.5 or later.

Exploit

Fix

Buffer Overflow

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-787

Related Identifiers

ALSA-2021:1586

BDU:2021-02362

BDU:2021-02420

CESA-2021_1586

CVE-2021-1817

DSA-4797-1

DSA-4797-2

OPENSUSE-SU-2022:0182-1

OPENSUSE-SU-2022_0182-1

OPENSUSE-SU-2022_0182-2

OPENSUSE-SU-2024:11506-1

RHSA-2021:1586

RHSA-2021_1586

RHSA-2025:10364

RLSA-2021:1586

SUSE-SU-2022:0142-1

SUSE-SU-2022:0182-1

SUSE-SU-2022:0182-2

SUSE-SU-2022:0183-1

Affected Products

Almalinux

Centos

Apple Macos

Red Hat

Rocky Linux

Suse

Ios

Ipados

Tvos

Watchos

PT-2021-2816 · Apple+5 · Apple Macos+9

CVE-2021-1817

Weakness Enumeration

Related Identifiers

Affected Products

References · 274