PT-2021-5768 · Apple+8 · Macos Big Sur+13

Sergei Glazunov

Published

2021-07-09

Updated

2021-11-09

CVE-2021-30795

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions iOS versions prior to 14.7 Safari versions prior to 14.1.2 macOS Big Sur versions prior to 11.5 watchOS versions prior to 7.6 tvOS versions prior to 14.7

Description The issue is related to a use after free problem, which was addressed with improved memory management. Processing maliciously crafted web content may lead to arbitrary code execution. The vulnerability can be exploited by a remote attacker to gain access to confidential data, disrupt their integrity, and cause a denial of service using malicious web content.

Recommendations For iOS versions prior to 14.7, update to iOS version 14.7 or later. For Safari versions prior to 14.1.2, update to Safari version 14.1.2 or later. For macOS Big Sur versions prior to 11.5, update to macOS Big Sur version 11.5 or later. For watchOS versions prior to 7.6, update to watchOS version 7.6 or later. For tvOS versions prior to 14.7, update to tvOS version 14.7 or later.

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2021:4381

BDU:2022-00216

CESA-2021_4381

CVE-2021-30795

DSA-4945-1

MGASA-2021-0400

OPENSUSE-SU-2021:1101-1

OPENSUSE-SU-2021:2598-1

OPENSUSE-SU-2021_1101-1

OPENSUSE-SU-2021_2598-1

RHSA-2021:4381

RHSA-2021_4381

RHSA-2025:10364

RLSA-2021:4381

SUSE-SU-2021:2598-1

SUSE-SU-2021:2600-1

SUSE-SU-2021:2762-1

USN-5024-1

Affected Products

Almalinux

Astra Linux

Centos

Linuxmint

Apple Macos

Red Hat

Rocky Linux

Safari

Suse

Ubuntu

Ios

Macos Big Sur

Tvos

Watchos

PT-2021-5768 · Apple+8 · Macos Big Sur+13

CVE-2021-30795

Weakness Enumeration

Related Identifiers

Affected Products

References · 166