CVE-2021-30698: Input Validation

Q: What is CVE-2021-30698?

CVE-2021-30698 is a vulnerability in WebRTC that allows for a null pointer dereference, which has been addressed with improved input validation.

Q: Which software and versions are affected by CVE-2021-30698?

CVE-2021-30698 affects Apple Safari version up to and excluding 14.1.1, macOS Big Sur version up to and excluding 11.4, Apple iOS version up to and excluding 14.6, and Apple iPadOS version up to and excluding 14.6.

Q: How severe is CVE-2021-30698?

The severity of CVE-2021-30698 is not specified in the provided information.

Q: How can I fix CVE-2021-30698?

To fix CVE-2021-30698, update Apple Safari to version 14.1.1 or later, macOS Big Sur to version 11.4 or later, iOS to version 14.6 or later, and iPadOS to version 14.6 or later.

Q: Where can I find more information about CVE-2021-30698?

You can find more information about CVE-2021-30698 on the Apple support page: [link](https://support.apple.com/en-us/HT212529)

Published May 24, 2021

Updated

WebRTC. A null pointer dereference was addressed with improved input validation.

Other sources

A null pointer dereference was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.4, Safari 14.1.1, iOS 14.6 and iPadOS 14.6. A remote attacker may be able to cause a denial of service.

Credit

Tavis Ormandy(Google)

Affected Software

8 affected componentsFixes available

Apple macOS Big Sur<11.4

11.4

Safari<14.1.1

14.1.1

Apple iOS and iPadOS<14.6

14.6

Apple iOS, iPadOS, and macOS<14.6

14.6

Safari<14.1.1

Apple iOS, iPadOS, and macOS<14.6

iPhone OS<14.6

macOS>=11.0<11.4

Event History

Sep 8, 2021

CVE Published

via MITRE·02:28 PM

Data Sourced

via MITRE·02:28 PM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

Peer vulnerabilities

Found alongside the following vulnerabilities.

CVE-2021-30678
CVE-2021-30676
CVE-2021-30688
CVE-2021-30669
CVE-2021-30707
CVE-2021-30685
CVE-2021-30672
CVE-2021-30681
CVE-2021-30686
CVE-2021-30733
CVE-2021-30753
CVE-2021-30727
CVE-2021-30724
CVE-2021-30673
CVE-2021-30771
CVE-2021-30755
CVE-2021-30684
CVE-2021-30735
CVE-2021-30697
CVE-2021-30710
CVE-2021-30683
CVE-2021-30687
CVE-2021-30700
CVE-2021-30701
CVE-2021-30705
CVE-2021-30706
CVE-2021-30719
CVE-2021-30728
CVE-2021-30726
CVE-2021-30731
CVE-2021-30740
CVE-2021-30704
CVE-2021-30715
CVE-2021-30736
CVE-2021-30739
CVE-2021-30703
CVE-2021-30680
CVE-2021-30677
CVE-2021-30702
CVE-2021-30696
CVE-2021-30756
CVE-2021-30723
CVE-2021-30691
CVE-2021-30692
CVE-2021-30694
CVE-2021-30725
CVE-2021-30746
CVE-2021-30693
CVE-2021-30695
CVE-2021-30708
CVE-2021-30709
CVE-2021-30679
CVE-2020-36226
CVE-2020-36227
CVE-2020-36223
CVE-2020-36224
CVE-2020-36225
CVE-2020-36221
CVE-2020-36228
CVE-2020-36222
CVE-2020-36230
CVE-2020-36229
CVE-2021-30738
CVE-2021-30751
CVE-2021-30737
CVE-2021-30716
CVE-2021-30717
CVE-2021-30721
CVE-2021-30722
CVE-2021-30712
CVE-2021-30668
CVE-2021-30718
CVE-2021-30671
CVE-2021-30713
CVE-2021-30744
CVE-2021-21779
CVE-2021-30682
CVE-2021-30689
CVE-2021-30749
CVE-2021-30734
CVE-2021-30720
CVE-2021-23841
CVE-2021-30698
CVE-2021-30663
CVE-2021-30714
CVE-2021-30729
CVE-2021-30674
CVE-2021-30741
CVE-2021-1821
CVE-2021-30699
CVE-2021-30999
CVE-2021-30667

Frequently Asked Questions

What is CVE-2021-30698?

CVE-2021-30698 is a vulnerability in WebRTC that allows for a null pointer dereference, which has been addressed with improved input validation.

Which software and versions are affected by CVE-2021-30698?