CVE-2021-1871: 
Rocky Linux vulnerability analysis and mitigation

CVE-2021-1871 is a logic issue vulnerability in WebKit that affects Apple's iOS, iPadOS, and macOS operating systems. The vulnerability was discovered and reported by an anonymous researcher and was fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. Apple acknowledged that this vulnerability may have been actively exploited in the wild (Apple Security).

The vulnerability is a logic issue in WebKit, Apple's browser engine, that was addressed with improved restrictions. It has been assigned a CVSS v3.1 base score of 9.8 (CRITICAL) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, indicating that it can be exploited remotely with no privileges or user interaction required (NVD).

When successfully exploited, this vulnerability allows a remote attacker to execute arbitrary code on the target system. The high severity score reflects the potential for complete compromise of system confidentiality, integrity, and availability (NVD, Apple Security).

Apple has released security updates to address this vulnerability. Users should update to macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4, or iPadOS 14.4, depending on their system. The vulnerability has also been patched in WebKitGTK version 2.32.0 for Linux systems (Debian Security, Fedora Update).