CVE-2021-30771: Input Validation
An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.4, iOS 14.6 and iPadOS 14.6, watchOS 7.5, tvOS 14.6. Processing a maliciously crafted font file may lead to arbitrary code execution.
Other sources
FontParser. An out-of-bounds write was addressed with improved input validation.
Credit
Affected Software
Event History
Parent advisories
This vulnerability appears in the following advisories.
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2021-30678
- CVE-2021-30676
- CVE-2021-30688
- CVE-2021-30669
- CVE-2021-30707
- CVE-2021-30685
- CVE-2021-30672
- CVE-2021-30681
- CVE-2021-30686
- CVE-2021-30733
- CVE-2021-30753
- CVE-2021-30727
- CVE-2021-30724
- CVE-2021-30673
- CVE-2021-30771
- CVE-2021-30755
- CVE-2021-30684
- CVE-2021-30735
- CVE-2021-30697
- CVE-2021-30710
- CVE-2021-30683
- CVE-2021-30687
- CVE-2021-30700
- CVE-2021-30701
- CVE-2021-30705
- CVE-2021-30706
- CVE-2021-30719
- CVE-2021-30728
- CVE-2021-30726
- CVE-2021-30731
- CVE-2021-30740
- CVE-2021-30704
- CVE-2021-30715
- CVE-2021-30736
- CVE-2021-30739
- CVE-2021-30703
- CVE-2021-30680
- CVE-2021-30677
- CVE-2021-30702
- CVE-2021-30696
- CVE-2021-30756
- CVE-2021-30723
- CVE-2021-30691
- CVE-2021-30692
- CVE-2021-30694
- CVE-2021-30725
- CVE-2021-30746
- CVE-2021-30693
- CVE-2021-30695
- CVE-2021-30708
- CVE-2021-30709
- CVE-2021-30679
- CVE-2020-36226
- CVE-2020-36227
- CVE-2020-36223
- CVE-2020-36224
- CVE-2020-36225
- CVE-2020-36221
- CVE-2020-36228
- CVE-2020-36222
- CVE-2020-36230
- CVE-2020-36229
- CVE-2021-30738
- CVE-2021-30751
- CVE-2021-30737
- CVE-2021-30716
- CVE-2021-30717
- CVE-2021-30721
- CVE-2021-30722
- CVE-2021-30712
- CVE-2021-30668
- CVE-2021-30718
- CVE-2021-30671
- CVE-2021-30713
- CVE-2021-30744
- CVE-2021-21779
- CVE-2021-30682
- CVE-2021-30689
- CVE-2021-30749
- CVE-2021-30734
- CVE-2021-30720
- CVE-2021-23841
- CVE-2021-30698
- CVE-2021-30665
- CVE-2021-30663
- CVE-2021-30714
- CVE-2021-30729
- CVE-2021-30674
- CVE-2021-30741
- CVE-2021-1821
- CVE-2021-30699
- CVE-2021-30999
- CVE-2021-30667
Frequently Asked Questions
What is CVE-2021-30771?
CVE-2021-30771 is a vulnerability in FontParser that allows an attacker to perform an out-of-bounds write.
How does CVE-2021-30771 affect Apple tvOS?
Apple tvOS up to version 14.6 is affected by CVE-2021-30771.
How does CVE-2021-30771 affect Apple watchOS?
Apple watchOS up to version 7.5 is affected by CVE-2021-30771.
How does CVE-2021-30771 affect Apple macOS Big Sur?
Apple macOS Big Sur up to version 11.4 is affected by CVE-2021-30771.
How does CVE-2021-30771 affect Apple iOS?
Apple iOS up to version 14.6 is affected by CVE-2021-30771.
How does CVE-2021-30771 affect Apple iPadOS?
Apple iPadOS up to version 14.6 is affected by CVE-2021-30771.
What is the severity of CVE-2021-30771?
The severity of CVE-2021-30771 is not specified.
How do I fix CVE-2021-30771 on Apple tvOS?
To fix CVE-2021-30771 on Apple tvOS, update to version 14.6 or later.
How do I fix CVE-2021-30771 on Apple watchOS?
To fix CVE-2021-30771 on Apple watchOS, update to version 7.5 or later.
How do I fix CVE-2021-30771 on Apple macOS Big Sur?
To fix CVE-2021-30771 on Apple macOS Big Sur, update to version 11.4 or later.
How do I fix CVE-2021-30771 on Apple iOS?
To fix CVE-2021-30771 on Apple iOS, update to version 14.6 or later.
How do I fix CVE-2021-30771 on Apple iPadOS?
To fix CVE-2021-30771 on Apple iPadOS, update to version 14.6 or later.