CVE-2021-30951

A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution.

Published: Aug 24, 2021
Updated: Apr 14, 2023
CVE: CVE-2021-30951
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.8
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-416

Affected Software
References

Software	From	Fixed in
apple / watchos	-	8.3
apple / iphone_os	-	15.2
apple / ipados	-	15.2
apple / tvos	-	15.2
apple / safari	-	15.2
apple / macos	12.0.0	12.1
fedoraproject / fedora	34	34.x
debian / debian_linux	10.0	10.0.x
debian / debian_linux	11.0	11.0.x
fedoraproject / fedora	35	35.x

http://www.openwall.com/lists/oss-security/2022/01/21/2
https://lists.fedoraproject.org/archives/list/[email protected]/message/7EQVZ3CEMTINLBZ7PBC7WRXVEVCRHNSM/
https://lists.fedoraproject.org/archives/list/[email protected]/message/HQKWD4BXRDD2YGR5AVU7H5J5PIQIEU6V/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7EQVZ3CEMTINLBZ7PBC7WRXVEVCRHNSM/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HQKWD4BXRDD2YGR5AVU7H5J5PIQIEU6V/
https://support.apple.com/en-us/HT212975
https://support.apple.com/en-us/HT212976
https://support.apple.com/en-us/HT212978
https://support.apple.com/en-us/HT212980
https://support.apple.com/en-us/HT212982
https://www.debian.org/security/2022/dsa-5060
https://www.debian.org/security/2022/dsa-5061

Vulnerability Database

290,278

CVE-2021-30951