What is CVE-2018-4192?

CVE-2018-4192 is a vulnerability in certain Apple products that allows a race condition and has been addressed with improved locking.

Which Apple products are affected by CVE-2018-4192?

iOS before 11.4, Safari before 11.1.1, iCloud before 7.5 on Windows, iTunes before 12.7.5 on Windows, tvOS before 11.4, and watchOS before 4.3.1 are affected by CVE-2018-4192.

What is the severity of CVE-2018-4192?

CVE-2018-4192 has a severity level of high with a CVSS score of 7.5.

How can I fix CVE-2018-4192?

To fix CVE-2018-4192, make sure to update to the recommended versions of the affected Apple products: iOS 11.4, Safari 11.1.1, iCloud 7.5 on Windows, iTunes 12.7.5 on Windows, tvOS 11.4, and watchOS 4.3.1.

Where can I find more information about CVE-2018-4192?

You can find more information about CVE-2018-4192 on the Apple support page at https://support.apple.com/en-us/HT208852, SecurityTracker at http://www.securitytracker.com/id/1041029, and Gentoo Security at https://security.gentoo.org/glsa/201808-04.

Vulnerability/
CVE-2018-4192

high

7.5

CWE

362

29/5/2018

8/6/2018

5/8/2024

CVE-2018-4192: Race Condition

First published: Tue May 29 2018(Updated: )

WebKit. A race condition was addressed with improved locking.

Credit: Markus Gaasedelen Amy Burnett Patrick Biernat Ret2 Systems Inc working with Trend Micro product-security@apple.com

Affected Software	Affected Version	How to fix
Apple iTunes for Windows	<12.7.5	12.7.5
Apple Safari	<11.1.1
Apple iPhone OS	<11.4
Apple tvOS	<11.4
Apple watchOS	<4.3.1
Apple iCloud	<7.5
Microsoft Windows
Apple iTunes	<12.7.5

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

HT208852

Peer vulnerabilities

(Found alongside the following vulnerabilities)

Frequently Asked Questions

What is CVE-2018-4192?
CVE-2018-4192 is a vulnerability in certain Apple products that allows a race condition and has been addressed with improved locking.
Which Apple products are affected by CVE-2018-4192?
iOS before 11.4, Safari before 11.1.1, iCloud before 7.5 on Windows, iTunes before 12.7.5 on Windows, tvOS before 11.4, and watchOS before 4.3.1 are affected by CVE-2018-4192.
What is the severity of CVE-2018-4192?
CVE-2018-4192 has a severity level of high with a CVSS score of 7.5.
How can I fix CVE-2018-4192?
To fix CVE-2018-4192, make sure to update to the recommended versions of the affected Apple products: iOS 11.4, Safari 11.1.1, iCloud 7.5 on Windows, iTunes 12.7.5 on Windows, tvOS 11.4, and watchOS 4.3.1.
Where can I find more information about CVE-2018-4192?
You can find more information about CVE-2018-4192 on the Apple support page at https://support.apple.com/en-us/HT208852, SecurityTracker at http://www.securitytracker.com/id/1041029, and Gentoo Security at https://security.gentoo.org/glsa/201808-04.

collector/apple-support
agent/type
agent/last-modified-date
agent/first-publish-date
agent/weakness
agent/severity
agent/references
agent/author
agent/description
agent/event
collector/nvd-index
agent/software-canonical-lookup-request
agent/softwarecombine
agent/tags
collector/mitre-cve
source/MITRE
vendor/apple
canonical/apple itunes for windows
canonical/apple safari
canonical/apple iphone os
canonical/apple tvos
canonical/apple watchos
canonical/apple icloud
vendor/microsoft
canonical/microsoft windows
canonical/apple itunes