CVE-2021-1788: 
Rocky Linux vulnerability analysis and mitigation

A use-after-free vulnerability (CVE-2021-1788) was discovered in WebKit, affecting multiple Apple operating systems including iOS 14.4, iPadOS 14.4, macOS Big Sur 11.2, tvOS 14.4, watchOS 7.3, and Safari 14.0.3. The vulnerability was discovered by Francisco Alonso (@revskills) and was disclosed in January 2021. The issue affected the processing of maliciously crafted web content, which could lead to arbitrary code execution (Apple HT212146, Apple HT212147).

The vulnerability is a use-after-free issue in WebKit that was addressed with improved memory management. The severity of this vulnerability is rated as HIGH with a CVSS v3.1 base score of 8.8 (Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). The vulnerability requires user interaction and can be exploited through maliciously crafted web content (NVD).

When successfully exploited, this vulnerability could allow an attacker to execute arbitrary code on the affected system through maliciously crafted web content. This could potentially lead to the compromise of sensitive user information and system control (Apple HT212146).

Apple addressed this vulnerability by improving memory management in WebKit. The fix was released in multiple security updates: iOS 14.4 and iPadOS 14.4, macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, and Safari 14.0.3. Users are advised to update their systems to these versions or later (Apple HT212146, Apple HT212147).