First published: Mon Apr 26 2021(Updated: )
A double free issue was addressed with improved memory management. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing a maliciously crafted file may lead to heap corruption.
Credit: Found by OSS-Fuzz Found by OSS-Fuzz Found by OSS-Fuzz Found by OSS-Fuzz Found by OSS-Fuzz Found by OSS-Fuzz product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple iOS | <14.5 | 14.5 |
Apple iPadOS | <14.5 | 14.5 |
Apple tvOS | <14.5 | 14.5 |
<7.4 | 7.4 | |
Apple macOS Big Sur | <11.3 | 11.3 |
Apple Catalina | ||
Apple Mojave | ||
Apple iPadOS | <14.5 | |
Apple iPhone OS | <14.5 | |
Apple Mac OS X | =10.14 | |
Apple Mac OS X | =10.14.0 | |
Apple Mac OS X | =10.14.1 | |
Apple Mac OS X | =10.14.2 | |
Apple Mac OS X | =10.14.3 | |
Apple Mac OS X | =10.14.4 | |
Apple Mac OS X | =10.14.4-beta4 | |
Apple Mac OS X | =10.14.5 | |
Apple Mac OS X | =10.14.6 | |
Apple Mac OS X | =10.14.6 | |
Apple Mac OS X | =10.14.6-security_update_2019-001 | |
Apple Mac OS X | =10.14.6-security_update_2019-002 | |
Apple Mac OS X | =10.14.6-security_update_2019-004 | |
Apple Mac OS X | =10.14.6-security_update_2019-005 | |
Apple Mac OS X | =10.14.6-security_update_2019-006 | |
Apple Mac OS X | =10.14.6-security_update_2019-007 | |
Apple Mac OS X | =10.14.6-security_update_2020-001 | |
Apple Mac OS X | =10.14.6-security_update_2020-002 | |
Apple Mac OS X | =10.14.6-security_update_2020-003 | |
Apple Mac OS X | =10.14.6-security_update_2020-004 | |
Apple Mac OS X | =10.14.6-security_update_2020-005 | |
Apple Mac OS X | =10.14.6-security_update_2020-006 | |
Apple Mac OS X | =10.14.6-security_update_2020-007 | |
Apple Mac OS X | =10.14.6-security_update_2021-001 | |
Apple Mac OS X | =10.14.6-security_update_2021-002 | |
Apple Mac OS X | =10.15 | |
Apple Mac OS X | =10.15.1 | |
Apple Mac OS X | =10.15.2 | |
Apple Mac OS X | =10.15.3 | |
Apple Mac OS X | =10.15.4 | |
Apple Mac OS X | =10.15.5 | |
Apple Mac OS X | =10.15.6 | |
Apple Mac OS X | =10.15.6 | |
Apple Mac OS X | =10.15.6-supplemental_update | |
Apple Mac OS X | =10.15.7 | |
Apple Mac OS X | =10.15.7 | |
Apple Mac OS X | =10.15.7-security_update_2020 | |
Apple Mac OS X | =10.15.7-security_update_2020-001 | |
Apple Mac OS X | =10.15.7-security_update_2020-005 | |
Apple Mac OS X | =10.15.7-security_update_2020-007 | |
Apple Mac OS X | =10.15.7-security_update_2021-001 | |
Apple macOS | >=11.0<11.3 | |
Apple tvOS | <14.5 | |
Apple watchOS | <7.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)
(Found alongside the following vulnerabilities)
CVE-2021-1875 is a vulnerability in libxslt that allows for a double free issue.
The severity of CVE-2021-1875 is not specified.
The software affected by CVE-2021-1875 includes Apple iOS, Apple iPadOS, Apple watchOS, Apple macOS Big Sur, Apple Catalina, and Apple tvOS.
To fix CVE-2021-1875, update your software to the specified versions provided by Apple.
You can find more information about CVE-2021-1875 on the Apple support website.