CVE-2021-30703

HIGH

tvOS 14.6-iOS 14.6- iPadOS 14.6 - Use After Free

Title source: llm

Description

A double free issue was addressed with improved memory management. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave, macOS Big Sur 11.4, watchOS 7.5. An application may be able to execute arbitrary code with kernel privileges.

References (6)

[Vendor Advisory] https://support.apple.com/en-us/HT212528

[Vendor Advisory] https://support.apple.com/en-us/HT212529

[Vendor Advisory] https://support.apple.com/en-us/HT212532

[Vendor Advisory] https://support.apple.com/en-us/HT212533

[Vendor Advisory] https://support.apple.com/en-us/HT212600

[Vendor Advisory] https://support.apple.com/en-us/HT212603

Scores

CVSS v3 7.8

EPSS 0.0032

EPSS Percentile 54.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-415

Status published

Affected Products (35)

apple/ipados < 14.6

apple/iphone_os < 14.6

apple/mac_os_x < 10.14.5

apple/mac_os_x

apple/mac_os_x

apple/mac_os_x

apple/mac_os_x

apple/mac_os_x

apple/mac_os_x

apple/mac_os_x

apple/mac_os_x

apple/mac_os_x

apple/mac_os_x

apple/mac_os_x

apple/mac_os_x

... and 20 more

Timeline

Published Sep 08, 2021

Tracked Since Feb 18, 2026