CVE-2021-30917

Summary

A memory corruption issue existed in the processing of ICC profiles. This issue was addressed with improved input validation. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted image may lead to arbitrary code execution.

Affected Software

VendorProductVersion RangeStatus
AppleiOS and iPadOSunspecified < 15.1affected
AppleiOS and iPadOSunspecified < 14.8affected
ApplemacOSunspecified < 12.0affected
ApplemacOSunspecified < 2021affected
ApplemacOSunspecified < 11.6affected
ApplemacOSunspecified < 8.1affected
ApplemacOSunspecified < 15.1affected

Weaknesses

  • Processing a maliciously crafted image may lead to arbitrary code execution

ADP Enrichment

CVE Program Container

Additional References

References