CVE-2021-31013
First published: Tue Aug 24 2021(Updated: )
FontParser. An out-of-bounds read was addressed with improved bounds checking.
Credit: Daniel Lim Wee Soong STAR LabsDaniel Lim Wee Soong STAR LabsDaniel Lim Wee Soong STAR LabsDaniel Lim Wee Soong STAR LabsDaniel Lim Wee Soong STAR Labs cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple macOS Monterey | <12.1 | 12.1 |
| Apple watchOS | <8.3 | 8.3 |
| Apple tvOS | <15.2 | 15.2 |
| Apple iOS | <15.2 | 15.2 |
| Apple iPadOS | <15.2 | 15.2 |
| Apple iPadOS | <15.2 | |
| Apple iPhone OS | <15.2 | |
| Apple macOS | >=11.0<11.6.2 | |
| Apple macOS | >=12.0.0<12.1 | |
| Apple macOS | <11.6.2 | 11.6.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/HT212975 (Advisory)
- https://support.apple.com/en-us/HT212976 (Advisory)
- https://support.apple.com/en-us/HT212978 (Advisory)
- https://support.apple.com/en-us/HT212979 (Advisory)
- https://support.apple.com/en-us/HT212980 (Advisory)
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2021-30987
- CVE-2021-30950
- CVE-2021-30960
- CVE-2021-30986
- CVE-2021-30966
- CVE-2021-30926
- CVE-2021-30942
- CVE-2021-30957
- CVE-2021-30958
- CVE-2021-30935
- CVE-2021-30945
- CVE-2021-31007
- CVE-2021-31013
- CVE-2021-31000
- CVE-2021-30977
- CVE-2021-30939
- CVE-2021-30981
- CVE-2021-30996
- CVE-2021-30982
- CVE-2021-30937
- CVE-2021-30927
- CVE-2021-30980
- CVE-2021-30949
- CVE-2021-30993
- CVE-2021-30955
- CVE-2021-30976
- CVE-2021-30990
- CVE-2021-30943
- CVE-2021-31009
- CVE-2021-30971
- CVE-2021-30973
- CVE-2021-30929
- CVE-2021-30979
- CVE-2021-30940
- CVE-2021-30941
- CVE-2021-30995
- CVE-2021-30968
- CVE-2021-30946
- CVE-2021-30947
- CVE-2021-30975
- CVE-2021-30944
- CVE-2021-30972
- CVE-2021-30767
- CVE-2021-30964
- CVE-2021-30970
- CVE-2021-30965
- CVE-2021-30934
- CVE-2021-30936
- CVE-2021-30951
- CVE-2021-30952
- CVE-2021-30984
- CVE-2021-30953
- CVE-2021-30954
- CVE-2021-30938
- CVE-2021-30916
- CVE-2021-30962
- CVE-2021-30956
- CVE-2021-30992
- CVE-2021-30983
- CVE-2021-30985
- CVE-2021-30991
- CVE-2021-30998
- CVE-2021-30997
- CVE-2021-30967
- CVE-2021-30988
- CVE-2021-30932
- CVE-2021-30948
- CVE-2021-30931
- CVE-2021-30959
- CVE-2021-30961
- CVE-2021-30963
- CVE-2021-30895
- CVE-2021-30969
- CVE-2021-31002
Frequently Asked Questions
What is CVE-2021-31013?
CVE-2021-31013 is a vulnerability in the FontParser component that allows an out-of-bounds read due to insufficient bounds checking.
Which software versions are affected by CVE-2021-31013?
CVE-2021-31013 affects macOS Monterey 12.1, macOS Big Sur 11.6.2, watchOS 8.3, iOS 15.2, iPadOS 15.2, and tvOS 15.2.
How can this vulnerability be exploited?
By exploiting CVE-2021-31013, an attacker can trigger an out-of-bounds read in the FontParser component, potentially leading to information disclosure or a crash.
What is the severity of CVE-2021-31013?
The severity of CVE-2021-31013 is not specified, but it is important to apply the necessary security updates to mitigate the risk.
How can I fix CVE-2021-31013?
To fix CVE-2021-31013, it is recommended to update to the latest version of the affected software as provided by Apple.
- collector/apple-support
- agent/type
- agent/softwarecombine
- agent/software-canonical-lookup-request
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/description
- collector/nvd-index
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/first-publish-date
- agent/trending
- agent/source
- agent/tags
- vendor/apple
- canonical/apple macos monterey
- canonical/apple watchos
- canonical/apple tvos
- canonical/apple ios
- canonical/apple ipados
- canonical/apple iphone os
- canonical/apple macos
- version/apple macos/11.0
- version/apple macos/12.0.0