Vulnerability CVE-2018-4363

Vulnerability CVE-2018-4363

Published: 2019-04-03

Description:

An input validation issue existed in the kernel. This issue was addressed with improved input validation. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5.

See advisories in our WLB2 database:

	Topic	Author	Date
Med.	iOS copyin Check Kernel Stack Memory Disclosure	Google Security ...	20.10.2018

Type:

CWE-20

(Improper Input Validation)

CVSS2 => (AV:N/AC:M/Au:N/C:C/I:N/A:N)

CVSS Base Score	Impact Subscore	Exploitability Subscore
7.1/10	6.9/10	8.6/10

Exploit range	Attack complexity	Authentication
Remote	Medium	No required
Confidentiality impact	Integrity impact	Availability impact
Complete	None	None

Affected software
Apple -> Iphone os
Apple -> TVOS
Apple -> Watchos

References:

https://support.apple.com/kb/HT209106

https://support.apple.com/kb/HT209107

https://support.apple.com/kb/HT209108

Copyright 2024, cxsecurity.com