Apple is rolling out the iOS 12.5.4 update for older iPhones, iPads, and iPods including but not limited to the iPhone 5s, iPhone 6, 6th generation iPod Touch among others. It is a security update that addresses memory corruption and arbitrary code execution (ACE) vulnerabilities. It addresses the following vulnerabilities:
CVE-2021-30737
The update addresses WebKit (possibly exploited) vulnerabilities that pose the risk of arbitrary code execution and memory corruption (addressed with improved state management). This vulnerability is exploited via maliciously crafted web content.
CVE-2021-30761
This is also an arbitrary code execution vulnerability that was addressed with improved memory management. Like the vulnerability above, it is an issue for those who access maliciously crafted web content.
