First published: Mon Apr 26 2021(Updated: )
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing a maliciously crafted image may lead to arbitrary code execution.
Credit: CFF Topsec Alpha TeamCFF Topsec Alpha TeamCFF Topsec Alpha TeamCFF Topsec Alpha Team product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple iOS | <14.5 | 14.5 |
Apple iPadOS | <14.5 | 14.5 |
Apple tvOS | <14.5 | 14.5 |
Apple watchOS | <7.4 | 7.4 |
Apple macOS Big Sur | <11.3 | 11.3 |
Apple iPadOS | <14.5 | |
Apple iPhone OS | <14.5 | |
Apple macOS | >=11.0<11.3 | |
Apple tvOS | <14.5 | |
Apple watchOS | <7.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
The vulnerability ID for this issue is CVE-2021-1885.
The severity of CVE-2021-1885 is not specified.
The affected software includes Apple iOS up to version 14.5, Apple iPadOS up to version 14.5, Apple watchOS up to version 7.4, Apple macOS Big Sur up to version 11.3, and Apple tvOS up to version 14.5.
To fix CVE-2021-1885, update to the latest version of the affected software. Please refer to the relevant Apple support articles (linked in the references) for specific instructions.
You can find more information about CVE-2021-1885 in the reference links provided by Apple.