Apple released iOS | iPadOS 14.8 on Monday with security fixes, along with watchOS 7.6.2 for the Apple Watch Series 3 and later.
iOS 14.8 Security Fixes
CoreGraphics
- Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
- Impact: Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
- Description: An integer overflow was addressed with improved input validation.
- CVE-2021-30860: The Citizen Lab
WebKit
- Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
- Description: A use after free issue was addressed with improved memory management.
- CVE-2021-30858: an anonymous researcher
watchOS 7.6.2 Security Fix
- Available for: Apple Watch Series 3 and later
- Impact: Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
- Description: An integer overflow was addressed with improved input validation.
- CVE-2021-30860: The Citizen Lab