CVE-2017-13818: Infoleak
First published: Tue Sep 19 2017(Updated: )
Kernel. A validation issue was addressed with improved input sanitization.
Credit: The UK's National Cyber Security Centre (NCSC) Vlad Tsyrklevich Vlad Tsyrklevich Vlad Tsyrklevich Vlad Tsyrklevich The UK's National Cyber Security Centre (NCSC) Vlad Tsyrklevich Vlad Tsyrklevich Vlad Tsyrklevich Vlad Tsyrklevich an anonymous researcher The UK's National Cyber Security Centre (NCSC) Vlad Tsyrklevich Vlad Tsyrklevich Vlad Tsyrklevich Vlad Tsyrklevich an anonymous researcher The UK's National Cyber Security Centre (NCSC) Vlad Tsyrklevich Vlad Tsyrklevich Vlad Tsyrklevich Vlad Tsyrklevich Kevin Backhouse Semmle LtdThe UK's National Cyber Security Centre (NCSC) Vlad Tsyrklevich Vlad Tsyrklevich Vlad Tsyrklevich Vlad Tsyrklevich Kevin Backhouse Semmle Ltd product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple iOS | <11 | 11 |
| Apple macOS High Sierra | <10.13.1 | 10.13.1 |
| Apple Sierra | ||
| Apple El Capitan | ||
| Apple Mac OS X | <=10.13.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/HT208112 (Advisory)
- https://support.apple.com/en-us/HT208113 (Advisory)
- https://support.apple.com/en-us/HT208115 (Advisory)
- https://support.apple.com/en-us/HT208144 (Advisory)
- https://support.apple.com/en-us/HT208221 (Advisory)
- http://www.securitytracker.com/id/1039710
- https://support.apple.com/HT208221
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2017-13832
- CVE-2016-0736
- CVE-2016-2161
- CVE-2016-5387
- CVE-2016-8740
- CVE-2016-8743
- CVE-2017-13909
- CVE-2017-13809
- CVE-2017-7084
- CVE-2017-7074
- CVE-2017-13820
- CVE-2017-13807
- CVE-2017-7143
- CVE-2017-13829
- CVE-2017-13833
- CVE-2017-7083
- CVE-2017-13821
- CVE-2017-0381
- CVE-2017-13825
- CVE-2017-13890
- CVE-2017-13851
- CVE-2017-7138
- CVE-2017-7121
- CVE-2017-7122
- CVE-2017-7123
- CVE-2017-7124
- CVE-2017-7125
- CVE-2017-7126
- CVE-2017-13815
- CVE-2017-13828
- CVE-2017-13811
- CVE-2017-13835
- CVE-2017-11103
- CVE-2017-13819
- CVE-2017-13830
- CVE-2017-13814
- CVE-2017-13831
- CVE-2017-13837
- CVE-2017-13906
- CVE-2017-7077
- CVE-2017-7119
- CVE-2017-7114
- CVE-2017-13810
- CVE-2017-13817
- CVE-2017-13818
- CVE-2017-13836
- CVE-2017-13841
- CVE-2017-13840
- CVE-2017-13842
- CVE-2017-13782
- CVE-2017-13843
- CVE-2017-13854
- CVE-2017-13834
- CVE-2017-13873
- CVE-2017-13827
- CVE-2017-13813
- CVE-2017-13816
- CVE-2017-13812
- CVE-2016-4736
- CVE-2017-7086
- CVE-2017-1000373
- CVE-2016-9063
- CVE-2017-9233
- CVE-2018-4302
- CVE-2017-5130
- CVE-2017-7376
- CVE-2017-9050
- CVE-2017-9049
- CVE-2017-7141
- CVE-2017-7078
- CVE-2017-6451
- CVE-2017-6452
- CVE-2017-6455
- CVE-2017-6458
- CVE-2017-6459
- CVE-2017-6460
- CVE-2017-6462
- CVE-2017-6463
- CVE-2017-6464
- CVE-2016-9042
- CVE-2017-13824
- CVE-2017-13846
- CVE-2017-10140
- CVE-2017-13822
- CVE-2017-7132
- CVE-2017-13823
- CVE-2017-13808
- CVE-2017-13838
- CVE-2017-7082
- CVE-2017-7080
- CVE-2017-13908
- CVE-2017-13839
- CVE-2017-13910
- CVE-2017-10989
- CVE-2017-7128
- CVE-2017-7129
- CVE-2017-7130
- CVE-2017-7127
- CVE-2016-9840
- CVE-2016-9841
- CVE-2016-9842
- CVE-2016-9843
- CVE-2017-7103
- CVE-2017-7105
- CVE-2017-7108
- CVE-2017-7110
- CVE-2017-7112
- CVE-2017-7116
- CVE-2017-3167
- CVE-2017-3169
- CVE-2017-7659
- CVE-2017-7668
- CVE-2017-7679
- CVE-2017-9788
- CVE-2017-9789
- CVE-2017-13786
- CVE-2017-13800
- CVE-2017-1000100
- CVE-2017-1000101
- CVE-2017-13801
- CVE-2017-13799
- CVE-2017-13852
- CVE-2017-5969
- CVE-2018-4390
- CVE-2018-4391
- CVE-2017-13907
- CVE-2017-7170
- CVE-2017-7150
- CVE-2017-13804
- CVE-2017-11108
- CVE-2017-11541
- CVE-2017-11542
- CVE-2017-11543
- CVE-2017-12893
- CVE-2017-12894
- CVE-2017-12895
- CVE-2017-12896
- CVE-2017-12897
- CVE-2017-12898
- CVE-2017-12899
- CVE-2017-12900
- CVE-2017-12901
- CVE-2017-12902
- CVE-2017-12985
- CVE-2017-12986
- CVE-2017-12987
- CVE-2017-12988
- CVE-2017-12989
- CVE-2017-12990
- CVE-2017-12991
- CVE-2017-12992
- CVE-2017-12993
- CVE-2017-12994
- CVE-2017-12995
- CVE-2017-12996
- CVE-2017-12997
- CVE-2017-12998
- CVE-2017-12999
- CVE-2017-13000
- CVE-2017-13001
- CVE-2017-13002
- CVE-2017-13003
- CVE-2017-13004
- CVE-2017-13005
- CVE-2017-13006
- CVE-2017-13007
- CVE-2017-13008
- CVE-2017-13009
- CVE-2017-13010
- CVE-2017-13011
- CVE-2017-13012
- CVE-2017-13013
- CVE-2017-13014
- CVE-2017-13015
- CVE-2017-13016
- CVE-2017-13017
- CVE-2017-13018
- CVE-2017-13019
- CVE-2017-13020
- CVE-2017-13021
- CVE-2017-13022
- CVE-2017-13023
- CVE-2017-13024
- CVE-2017-13025
- CVE-2017-13026
- CVE-2017-13027
- CVE-2017-13028
- CVE-2017-13029
- CVE-2017-13030
- CVE-2017-13031
- CVE-2017-13032
- CVE-2017-13033
- CVE-2017-13034
- CVE-2017-13035
- CVE-2017-13036
- CVE-2017-13037
- CVE-2017-13038
- CVE-2017-13039
- CVE-2017-13040
- CVE-2017-13041
- CVE-2017-13042
- CVE-2017-13043
- CVE-2017-13044
- CVE-2017-13045
- CVE-2017-13046
- CVE-2017-13047
- CVE-2017-13048
- CVE-2017-13049
- CVE-2017-13050
- CVE-2017-13051
- CVE-2017-13052
- CVE-2017-13053
- CVE-2017-13054
- CVE-2017-13055
- CVE-2017-13687
- CVE-2017-13688
- CVE-2017-13689
- CVE-2017-13690
- CVE-2017-13725
- CVE-2017-13077
- CVE-2017-13078
- CVE-2017-13080
- CVE-2017-7081
- CVE-2017-7087
- CVE-2017-7091
- CVE-2017-7092
- CVE-2017-7093
- CVE-2017-7094
- CVE-2017-7095
- CVE-2017-7096
- CVE-2017-7098
- CVE-2017-7099
- CVE-2017-7100
- CVE-2017-7102
- CVE-2017-7104
- CVE-2017-7107
- CVE-2017-7111
- CVE-2017-7117
- CVE-2017-7120
- CVE-2017-7090
- CVE-2017-7109
- CVE-2017-11120
- CVE-2017-11121
- CVE-2017-7115
- CVE-2017-11122
- CVE-2017-13863
- CVE-2017-7131
- CVE-2017-7088
- CVE-2017-7072
- CVE-2017-7140
- CVE-2017-7148
- CVE-2017-7097
- CVE-2017-7118
- CVE-2017-7133
- CVE-2017-7075
- CVE-2017-7139
- CVE-2017-13806
- CVE-2017-7085
- CVE-2017-13877
- CVE-2017-7146
- CVE-2017-6211
- CVE-2017-7145
- CVE-2017-7089
- CVE-2017-7106
- CVE-2017-7144
- CVE-2017-7142
Frequently Asked Questions
What is CVE-2017-13818?
CVE-2017-13818 is a vulnerability in the Kernel component of certain Apple products that allows attackers to bypass memory-read restrictions.
Which products are affected by CVE-2017-13818?
macOS versions before 10.13.1, macOS High Sierra versions up to 10.13, Sierra, El Capitan, tvOS versions up to 11, iOS versions up to 11, and watchOS versions up to 4 are affected by CVE-2017-13818.
What is the severity of CVE-2017-13818?
CVE-2017-13818 has a severity rating of medium with a severity value of 5.5.
How can I fix CVE-2017-13818?
Update your Apple products to macOS 10.13.1 or later, or install the latest security updates provided by Apple for your specific product.
Where can I find more information about CVE-2017-13818?
You can find more information about CVE-2017-13818 on the official Apple support website at the following URLs: [Reference 1](https://support.apple.com/en-us/HT208115), [Reference 2](https://support.apple.com/en-us/HT208221), [Reference 3](https://support.apple.com/en-us/HT208113).
- collector/nvd-index
- collector/apple-support
- alias/CVE-2017-13836
- alias/CVE-2017-13841
- alias/CVE-2017-13840
- alias/CVE-2017-13842
- alias/CVE-2017-13782
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- agent/software-canonical-lookup-request
- agent/references
- agent/event
- agent/weakness
- agent/severity
- agent/author
- agent/tags
- agent/description
- collector/mitre-cve
- source/MITRE
- vendor/apple
- canonical/apple mac os x
- version/apple mac os x/10.13.0
- canonical/apple macos high sierra
- canonical/apple watchos
- canonical/apple sierra
- canonical/apple el capitan
- canonical/apple tvos
- canonical/apple ios