CVE-2021-30991: Critical severity apple ios and ipados vulnerability

Q: What is the vulnerability ID?

The vulnerability ID is CVE-2021-30991.

Q: What is the title of the vulnerability?

The title of the vulnerability is 'IOMobileFrameBuffer. An out-of-bounds read was addressed with improved bounds checking.'

Q: Which software is affected by CVE-2021-30991?

Apple iOS (up to version 15.2) and Apple iPadOS (up to version 15.2) are affected by CVE-2021-30991.

Q: How can I fix CVE-2021-30991?

To fix CVE-2021-30991, update your Apple iOS or Apple iPadOS to version 15.2.

Q: Where can I find more information about CVE-2021-30991?

You can find more information about CVE-2021-30991 on the Apple support website at https://support.apple.com/en-us/HT212976.

Published Aug 24, 2021

Updated

IOMobileFrameBuffer. An out-of-bounds read was addressed with improved bounds checking.

Other sources

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.2 and iPadOS 15.2. A malicious application may be able to execute arbitrary code with kernel privileges.

Credit

Tielei Wang(Pangu Lab)

Affected Software

4 affected componentsFixes available

Apple iOS and iPadOS<15.2

15.2

Apple iOS, iPadOS, and macOS<15.2

15.2

Apple iOS, iPadOS, and macOS<15.2

iPhone OS<15.2

Event History

Aug 24, 2021

CVE Published

via MITRE·06:51 PM

Data Sourced

via MITRE·06:51 PM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

HT212976

Frequently Asked Questions

What is the vulnerability ID?

The vulnerability ID is CVE-2021-30991.

What is the title of the vulnerability?

The title of the vulnerability is 'IOMobileFrameBuffer. An out-of-bounds read was addressed with improved bounds checking.'

Which software is affected by CVE-2021-30991?

Apple iOS (up to version 15.2) and Apple iPadOS (up to version 15.2) are affected by CVE-2021-30991.

How can I fix CVE-2021-30991?