PT-2021-4455 · Apple+7 · Ipados+9

Published

2021-08-24

·

Updated

2025-10-27

·

CVE-2021-30858

CVSS v3.1

8.8

High

VectorAV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Apple iOS versions prior to 14.8 Apple iPadOS versions prior to 14.8 Apple macOS versions prior to Big Sur 11.6
Description The issue is related to a use-after-free problem, which can be exploited by a remote attacker to execute arbitrary code. This can occur when processing maliciously crafted web content. There have been reports that this issue may have been actively exploited.
Recommendations For Apple iOS versions prior to 14.8, update to iOS 14.8 or later to resolve the issue. For Apple iPadOS versions prior to 14.8, update to iPadOS 14.8 or later to resolve the issue. For Apple macOS versions prior to Big Sur 11.6, update to macOS Big Sur 11.6 or later to resolve the issue. As a temporary workaround, consider avoiding the processing of maliciously crafted web content until a patch is available.

Exploit

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

BDU:2021-05088
CESA-2021_4097
CVE-2021-30858
DSA-4975-1
DSA-4976-1
ELSA-2021-4097
ELSA-2022-0059
MGASA-2021-0447
MGASA-2021-0498
OPENSUSE-SU-2021:1369-1
OPENSUSE-SU-2021:3353-1
OPENSUSE-SU-2021_1369-1
OPENSUSE-SU-2021_3353-1
OPENSUSE-SU-2022:0182-1
OPENSUSE-SU-2022_0182-1
OPENSUSE-SU-2022_0182-2
OPENSUSE-SU-2024:11506-1
RHSA-2021:4097
RHSA-2021:4686
RHSA-2021_4097
RHSA-2022:0059
RHSA-2022:0075
RHSA-2022_0059
RLSA-2021:4097
RLSA-2021_4097
SUSE-SU-2021:3282-1
SUSE-SU-2021:3296-1
SUSE-SU-2021:3353-1
SUSE-SU-2021_3282-1
SUSE-SU-2021_3296-1
SUSE-SU-2021_3353-1
SUSE-SU-2022:0142-1
SUSE-SU-2022:0182-1
SUSE-SU-2022:0182-2
SUSE-SU-2022:0183-1
USN-5087-1

Affected Products

Astra Linux
Centos
Linuxmint
Apple Macos
Red Hat
Rocky Linux
Suse
Ubuntu
Ios
Ipados