5 matches found
CVE-2021-30737
A memory corruption issue in the ASN.1 decoder was addressed by removing the vulnerable code. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, iOS 12.5.4, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously craft...
CVE-2021-30737, @xerub's 2021 iOS ASN.1 Vulnerability
Posted by Ian Beer, Google Project Zero This blog post is my analysis of a vulnerability found by @xerub. Phrack published @xerub's writeup so go check that out first. As well as doing my own vulnerability research I also spend time trying as best as I can to keep up with the public...
CVE-2021-30737
CVE-2021-30737 is an iOS/macOS NSS ASN.1 decoding issue in Apple’s secasn1d.c, fixed in iOS 14.6. The root cause is a memory corruption primitive arising from Apple’s NSS fork’s ASN.1 bit-string handling. A path in sec_asn1d_parse_bit_string can set the destination item’s Data pointer to NULL for...
Apple iOS < 12.5.4 Multiple Vulnerabilities (HT212548)
Binary data appleios1254check.nbin...
About the security content of iOS 12.5.4
About the security content of iOS 12.5.4 This document describes the security content of iOS 12.5.4. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...