CVE-2021-30831: Input Validation
An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted font may result in the disclosure of process memory.
Other sources
FontParser. An out-of-bounds read was addressed with improved input validation.
Credit
Affected Software
Event History
Parent advisories
This vulnerability appears in the following advisories.
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2021-30837
- CVE-2021-30838
- CVE-2021-30866
- CVE-2021-30834
- CVE-2021-30928
- CVE-2021-30831
- CVE-2021-30840
- CVE-2021-30841
- CVE-2021-30842
- CVE-2021-30843
- CVE-2021-30852
- CVE-2021-30814
- CVE-2021-30835
- CVE-2021-30847
- CVE-2021-30857
- CVE-2013-0340
- CVE-2021-30855
- CVE-2021-30854
- CVE-2021-30850
- CVE-2021-30808
- CVE-2021-30897
- CVE-2021-30884
- CVE-2021-30818
- CVE-2021-30823
- CVE-2021-30836
- CVE-2021-30809
- CVE-2021-30846
- CVE-2021-30849
- CVE-2021-30851
- CVE-2021-30810
- CVE-2021-30811
- CVE-2021-30882
- CVE-2021-30925
- CVE-2021-30873
- CVE-2021-30876
- CVE-2021-30879
- CVE-2021-30877
- CVE-2021-30880
- CVE-2021-30994
- CVE-2021-30907
- CVE-2021-30899
- CVE-2021-30931
- CVE-2021-30917
- CVE-2021-30903
- CVE-2021-30905
- CVE-2021-30919
- CVE-2020-9846
- CVE-2021-30881
- CVE-2021-30923
- CVE-2021-30895
- CVE-2021-30896
- CVE-2021-30933
- CVE-2021-30906
- CVE-2021-30867
- CVE-2021-30922
- CVE-2021-30824
- CVE-2021-30901
- CVE-2021-30821
- CVE-2021-30883
- CVE-2021-30924
- CVE-2021-30886
- CVE-2021-30909
- CVE-2021-30916
- CVE-2021-30864
- CVE-2021-30813
- CVE-2021-31011
- CVE-2021-30904
- CVE-2021-30910
- CVE-2021-30911
- CVE-2021-30874
- CVE-2021-30920
- CVE-2021-31004
- CVE-2021-31002
- CVE-2021-30868
- CVE-2021-30912
- CVE-2021-30913
- CVE-2021-30915
- CVE-2021-31005
- CVE-2021-31008
- CVE-2021-30848
- CVE-2021-30887
- CVE-2021-30888
- CVE-2021-30889
- CVE-2021-30861
- CVE-2021-30890
- CVE-2021-30930
- CVE-2021-30908
- CVE-2021-30833
- CVE-2021-30892
- CVE-2021-30825
- CVE-2021-30863
- CVE-2021-30816
- CVE-2021-30819
- CVE-2021-30898
- CVE-2021-30870
- CVE-2021-30815
- CVE-2021-31001
- CVE-2021-30826
Frequently Asked Questions
What is CVE-2021-30831?
CVE-2021-30831 is a vulnerability in the FontParser component that allows for an out-of-bounds read due to improved input validation.
Which software versions are affected by CVE-2021-30831?
CVE-2021-30831 affects Apple watchOS up to version 8, Apple iOS up to version 15, Apple iPadOS up to version 15, Apple macOS Monterey up to version 12.0.1, and Apple tvOS up to version 15.
What is the severity of CVE-2021-30831?
The severity of CVE-2021-30831 is not mentioned in the provided information.
How do I fix CVE-2021-30831?
To fix CVE-2021-30831, it is recommended to update your affected software to the latest version provided by Apple.
Where can I find more information about CVE-2021-30831?
More information about CVE-2021-30831 can be found on the official Apple support page at the following links: [support.apple.com/en-us/HT212814](support.apple.com/en-us/HT212814), [support.apple.com/en-us/HT212819](support.apple.com/en-us/HT212819), [support.apple.com/en-us/HT212815](support.apple.com/en-us/HT212815).