CVE-2021-30789

Description

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. Processing a maliciously crafted font file may lead to arbitrary code execution.

Affected products

• Apple / iOSunspecified – 14.7
• Apple / macOSunspecified – 11.5
• Apple / macOSunspecified – 14.7
• Apple / macOSunspecified – 7.6
• Apple / Security Update - Catalinaunspecified – 2021

References

• VENDOR_ADVISORYhttps://support.apple.com/en-us/HT212601
• VENDOR_ADVISORYhttps://support.apple.com/en-us/HT212602
• VENDOR_ADVISORYhttps://support.apple.com/en-us/HT212605
• VENDOR_ADVISORYhttps://support.apple.com/en-us/HT212600
• VENDOR_ADVISORYhttps://support.apple.com/en-us/HT212604