CVE-2021-1838: High severity apple ios and ipados vulnerability

Q: What is CVE-2021-1838?

CVE-2021-1838 is a vulnerability in ImageIO that was addressed with improved checks.

Q: Which software products are affected by CVE-2021-1838?

CVE-2021-1838 affects Apple iOS (up to version 14.4) and Apple iPadOS (up to version 14.4).

Q: How can I fix CVE-2021-1838?

To fix CVE-2021-1838, update your Apple iOS or Apple iPadOS to version 14.4 or higher.

Q: What is the severity of CVE-2021-1838?

The severity of CVE-2021-1838 is not specified in the available information.

Q: Where can I find more information about CVE-2021-1838?

More information about CVE-2021-1838 can be found on the official Apple support page: https://support.apple.com/en-us/HT212146

Published Jan 26, 2021

Updated

ImageIO. This issue was addressed with improved checks.

Other sources

This issue was addressed with improved checks. This issue is fixed in iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to arbitrary code execution.

Credit

Mickey Jin & Qi Sun(Trend Micro working with Trend Micro), Xingwei Lin(Ant Security Light), Jeonghoon Shin@@singi21a(THEORI)

Affected Software

4 affected componentsFixes available

Apple iOS and iPadOS<14.4

14.4

Apple iOS, iPadOS, and macOS<14.4

14.4

Apple iOS, iPadOS, and macOS<14.4

iPhone OS<14.4

Event History

Sep 8, 2021

CVE Published

via MITRE·02:44 PM

Data Sourced

via MITRE·02:44 PM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

HT212146

Frequently Asked Questions

What is CVE-2021-1838?

CVE-2021-1838 is a vulnerability in ImageIO that was addressed with improved checks.

Which software products are affected by CVE-2021-1838?

CVE-2021-1838 affects Apple iOS (up to version 14.4) and Apple iPadOS (up to version 14.4).

How can I fix CVE-2021-1838?

To fix CVE-2021-1838, update your Apple iOS or Apple iPadOS to version 14.4 or higher.

What is the severity of CVE-2021-1838?