CVE Vulnerabilities

CVE-2021-30843

Published: Oct 19, 2021 | Modified: Nov 05, 2021
CVSS 3.x
7.8
HIGH
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS 2.x
6.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

This issue was addressed with improved checks. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, Security Update 2021-005 Catalina, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing a maliciously crafted dfont file may lead to arbitrary code execution.

Affected Software

Name Vendor Start Version End Version
Ipados Apple * 14.8 (excluding)
Iphone_os Apple * 14.8 (excluding)
Mac_os_x Apple 10.15 (including) 10.15.6 (including)
Mac_os_x Apple 10.15.7 (including) 10.15.7 (including)
Mac_os_x Apple 10.15.7-security_update_2020 (including) 10.15.7-security_update_2020 (including)
Mac_os_x Apple 10.15.7-security_update_2020-001 (including) 10.15.7-security_update_2020-001 (including)
Mac_os_x Apple 10.15.7-security_update_2020-005 (including) 10.15.7-security_update_2020-005 (including)
Mac_os_x Apple 10.15.7-security_update_2020-007 (including) 10.15.7-security_update_2020-007 (including)
Mac_os_x Apple 10.15.7-security_update_2021-001 (including) 10.15.7-security_update_2021-001 (including)
Mac_os_x Apple 10.15.7-security_update_2021-002 (including) 10.15.7-security_update_2021-002 (including)
Mac_os_x Apple 10.15.7-security_update_2021-003 (including) 10.15.7-security_update_2021-003 (including)
Mac_os_x Apple 10.15.7-security_update_2021-004 (including) 10.15.7-security_update_2021-004 (including)
Mac_os_x Apple 10.15.7-supplemental_update (including) 10.15.7-supplemental_update (including)
Macos Apple 11.0 (including) 11.6 (excluding)
Tvos Apple * 15.0 (excluding)
Watchos Apple * 8.0 (excluding)

References