What is CVE-2021-30831?

CVE-2021-30831 is a vulnerability in the FontParser component that allows for an out-of-bounds read due to improved input validation.

Which software versions are affected by CVE-2021-30831?

CVE-2021-30831 affects Apple watchOS up to version 8, Apple iOS up to version 15, Apple iPadOS up to version 15, Apple macOS Monterey up to version 12.0.1, and Apple tvOS up to version 15.

What is the severity of CVE-2021-30831?

The severity of CVE-2021-30831 is not mentioned in the provided information.

How do I fix CVE-2021-30831?

To fix CVE-2021-30831, it is recommended to update your affected software to the latest version provided by Apple.

Where can I find more information about CVE-2021-30831?

More information about CVE-2021-30831 can be found on the official Apple support page at the following links: [support.apple.com/en-us/HT212814](support.apple.com/en-us/HT212814), [support.apple.com/en-us/HT212819](support.apple.com/en-us/HT212819), [support.apple.com/en-us/HT212815](support.apple.com/en-us/HT212815).

Vulnerability/
CVE-2021-30831

medium

5.5

CWE

20 125

20/9/2021

28/10/2021

3/8/2024

CVE-2021-30831: Input Validation

First published: Mon Sep 20 2021(Updated: )

An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted font may result in the disclosure of process memory.

Credit: Xingwei Lin Ant Security LightXingwei Lin Ant Security LightXingwei Lin Ant Security LightXingwei Lin Ant Security Light product-security@apple.com

Affected Software	Affected Version	How to fix
Apple iOS	<15	15
Apple iPadOS	<15	15
Apple tvOS	<15	15
Apple watchOS	<8	8
Apple macOS Monterey	<12.0.1	12.0.1
Apple iPadOS	<15.0
Apple iPhone OS	<15.0
Apple macOS	<12.0.1
Apple tvOS	<15.0
Apple watchOS	<8.0

Never miss a vulnerability like this again

Reference Links

https://support.apple.com/en-us/HT212814 (Advisory)
https://support.apple.com/en-us/HT212815 (Advisory)
https://support.apple.com/en-us/HT212819 (Advisory)
https://support.apple.com/en-us/HT212869 (Advisory)
https://support.apple.com/kb/HT212869

Parent vulnerabilities

(Appears in the following advisories)

Peer vulnerabilities

(Found alongside the following vulnerabilities)

CVE-2021-30873
CVE-2021-30876
CVE-2021-30879
CVE-2021-30877
CVE-2021-30880
CVE-2021-30994
CVE-2021-30907
CVE-2021-30899
CVE-2021-30931
CVE-2021-30866
CVE-2021-30917
CVE-2021-30903
CVE-2021-30905
CVE-2021-30919
CVE-2020-9846
CVE-2021-30881
CVE-2021-30923
CVE-2021-30831
CVE-2021-30840
CVE-2021-30852
CVE-2021-30895
CVE-2021-30896
CVE-2021-30933
CVE-2021-30906
CVE-2021-30867
CVE-2021-30814
CVE-2021-30922
CVE-2021-30824
CVE-2021-30901
CVE-2021-30821
CVE-2021-30883
CVE-2021-30924
CVE-2021-30886
CVE-2021-30909
CVE-2021-30916
CVE-2021-30864
CVE-2021-30813
CVE-2021-31011
CVE-2021-30904
CVE-2021-30910
CVE-2021-30911
CVE-2021-30874
CVE-2021-30808
CVE-2021-30920
CVE-2021-31004
CVE-2021-31002
CVE-2021-30868
CVE-2021-30912
CVE-2021-30913
CVE-2021-30915
CVE-2021-31005
CVE-2021-31008
CVE-2021-30897
CVE-2021-30884
CVE-2021-30818
CVE-2021-30836
CVE-2021-30846
CVE-2021-30849
CVE-2021-30848
CVE-2021-30851
CVE-2021-30809
CVE-2021-30823
CVE-2021-30887
CVE-2021-30888
CVE-2021-30889
CVE-2021-30861
CVE-2021-30890
CVE-2021-30930
CVE-2021-30908
CVE-2021-30833
CVE-2021-30892
CVE-2021-30837
CVE-2021-30811
CVE-2021-30834
CVE-2021-30928
CVE-2021-30882
CVE-2021-30841
CVE-2021-30842
CVE-2021-30843
CVE-2021-30835
CVE-2021-30847
CVE-2021-30857
CVE-2013-0340
CVE-2021-30855
CVE-2021-30854
CVE-2021-30925
CVE-2021-30810
CVE-2021-30838
CVE-2021-30850
CVE-2021-30825
CVE-2021-30863
CVE-2021-30816
CVE-2021-30819
CVE-2021-30898
CVE-2021-30870
CVE-2021-30815
CVE-2021-31001
CVE-2021-30826

Frequently Asked Questions

What is CVE-2021-30831?
CVE-2021-30831 is a vulnerability in the FontParser component that allows for an out-of-bounds read due to improved input validation.
Which software versions are affected by CVE-2021-30831?
CVE-2021-30831 affects Apple watchOS up to version 8, Apple iOS up to version 15, Apple iPadOS up to version 15, Apple macOS Monterey up to version 12.0.1, and Apple tvOS up to version 15.
What is the severity of CVE-2021-30831?
The severity of CVE-2021-30831 is not mentioned in the provided information.
How do I fix CVE-2021-30831?
To fix CVE-2021-30831, it is recommended to update your affected software to the latest version provided by Apple.
Where can I find more information about CVE-2021-30831?
More information about CVE-2021-30831 can be found on the official Apple support page at the following links: [support.apple.com/en-us/HT212814](support.apple.com/en-us/HT212814), [support.apple.com/en-us/HT212819](support.apple.com/en-us/HT212819), [support.apple.com/en-us/HT212815](support.apple.com/en-us/HT212815).

collector/apple-support
agent/type
agent/last-modified-date
agent/first-publish-date
agent/softwarecombine
agent/software-canonical-lookup-request
agent/author
agent/references
agent/weakness
agent/severity
agent/tags
agent/event
agent/description
collector/nvd-index
agent/software-canonical-lookup
collector/mitre-cve
source/MITRE
vendor/apple
canonical/apple macos monterey
canonical/apple watchos
canonical/apple tvos
canonical/apple ios
canonical/apple ipados
canonical/apple iphone os
canonical/apple macos