Description
This issue was addressed with improved checks. This issue is fixed in Security Update 2021-005 Catalina, iTunes 12.12 for Windows, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing a maliciously crafted image may lead to arbitrary code execution.
Affected products
- Apple / iOS and iPadOSunspecified – 15
- Apple / iTunes for Windowsunspecified – 12.12
- Apple / Security Update - Catalinaunspecified – 2021
- Apple / tvOSunspecified – 15
- Apple / watchOSunspecified – 8
References
- VENDOR_ADVISORYhttps://support.apple.com/kb/HT212804
- VENDOR_ADVISORYhttps://support.apple.com/en-us/HT212805
- VENDOR_ADVISORYhttps://support.apple.com/en-us/HT212814
- VENDOR_ADVISORYhttps://support.apple.com/en-us/HT212819
- VENDOR_ADVISORYhttps://support.apple.com/en-us/HT212815
- VENDOR_ADVISORYhttps://support.apple.com/en-us/HT212817
- MAILING_LISThttp://seclists.org/fulldisclosure/2021/Oct/62
- MAILING_LISThttp://seclists.org/fulldisclosure/2021/Oct/63
- MAILING_LISThttp://seclists.org/fulldisclosure/2021/Oct/61
- VENDOR_ADVISORYhttps://support.apple.com/kb/HT212953