First published: Thu Nov 12 2020(Updated: )
FontParser. An out-of-bounds read was addressed with improved input validation.
Credit: Peter Nguyen Vu Hoang STAR LabsPeter Nguyen Vu Hoang STAR Labs product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple macOS Big Sur | <11.2 | 11.2 |
Apple Catalina | ||
Apple Mojave | ||
Apple macOS Big Sur | <11.0.1 | 11.0.1 |
Apple Mac OS X | >=10.15<10.15.7 | |
Apple Mac OS X | =10.15.7 | |
Apple Mac OS X | =10.15.7-security_update_2020-001 | |
Apple Mac OS X | =10.15.7-supplemental_update | |
Apple macOS | >=11.0<11.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2021-1790 is a vulnerability in FontParser that allows an out-of-bounds read.
The severity of CVE-2021-1790 is not specified in the provided information.
CVE-2021-1790 affects macOS Big Sur version 11.0.1 by allowing an out-of-bounds read.
To fix CVE-2021-1790 on macOS Big Sur version 11.0.1, update to a version that has the improved input validation.
More information about CVE-2021-1790 can be found at the following references: [Reference 1](https://support.apple.com/en-us/HT212147), [Reference 2](https://support.apple.com/en-us/HT211931).