CVE-2021-30942
Description
Description: A memory corruption issue in the processing of ICC profiles was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing a maliciously crafted image may lead to arbitrary code execution.
CWE
- (none)
Affected
- Apple / watchOS — v=unspecified <8.3 [affected]
- Apple / iOS and iPadOS — v=unspecified <15.2 [affected]
- Apple / macOS — v=unspecified <12.1 [affected]
- Apple / macOS — v=unspecified <11.6 [affected]
- Apple / macOS — v=unspecified <15.2 [affected]
- Apple / macOS — v=unspecified <2021 [affected]
CVSS
- (none)
References
- https://support.apple.com/en-us/HT212975 x_refsource_MISC
- https://support.apple.com/en-us/HT212976 x_refsource_MISC
- https://support.apple.com/en-us/HT212978 x_refsource_MISC
- https://support.apple.com/en-us/HT212979 x_refsource_MISC
- https://support.apple.com/en-us/HT212981 x_refsource_MISC
- https://support.apple.com/en-us/HT212980 x_refsource_MISC
- http://packetstormsecurity.com/files/165559/Apple-ColorSync-Out-Of-Bounds-Read.html x_refsource_MISC
Source
cvelistV5-main/cves/2021/30xxx/CVE-2021-30942.json