CVE-2021-1881: An out-of-bounds read was addressed with improved input validation. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave…

high7.8CVSS 3.1

AVLACLPRNUIRSUCHIHAH

An out-of-bounds read was addressed with improved input validation. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing a maliciously crafted font file may lead to arbitrary code execution.

Affected

18 ranges

Vendor	Product	Version range	Fixed in
apple	ios_14.5_and_ipados	—	—
apple	ios_and_ipados	>= unspecified < 14.5	14.5
apple	ipados	< 14.5	14.5
apple	iphone_os	< 14.5	14.5
apple	mac_os_x	—	—
apple	mac_os_x	—	—
apple	mac_os_x	—	—
apple	mac_os_x	10.14 – 10.14.5	—
apple	mac_os_x	10.15 – 10.15.5	—
apple	macos	>= 11.0 < 11.3	11.3
apple	macos	>= unspecified < 11.3	11.3
apple	macos	>= unspecified < 2021	2021
apple	macos_big_sur	—	—
apple	security_update_2021-002_catalina	—	—
apple	tvos	< 14.5	14.5
apple	tvos	>= unspecified < 14.5	14.5
apple	watchos	< 7.4	7.4
apple	watchos	>= unspecified < 7.4	7.4