CVE-2018-4212
First published: Thu Mar 29 2018(Updated: )
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.
Credit: found by OSS-Fuzz found by OSS-Fuzz found by OSS-Fuzz found by OSS-Fuzz found by OSS-Fuzz product-security@apple.com product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple Safari | <11.1 | 11.1 |
| Apple iCloud for Windows | <7.4 | 7.4 |
| Apple watchOS | <4.3 | 4.3 |
| Apple tvOS | <11.3 | 11.3 |
| Apple iOS | <11.3 | 11.3 |
| Apple Safari | <11.1 | |
| Apple iPhone OS | <11.3 | |
| Apple tvOS | <11.3 | |
| Apple watchOS | <4.3 | |
| All of | ||
| Any of | ||
| Apple iCloud | <7.4 | |
| Apple iTunes | <12.7.4 | |
| Microsoft Windows | ||
| Canonical Ubuntu Linux | =18.04 | |
| Webkitgtk Webkitgtk\+ | <=2.22.0 | |
| Apple iCloud | <7.4 | |
| Apple iTunes | <12.7.4 | |
| Microsoft Windows | ||
| ubuntu/webkit2gtk | <2.22.2-0ubuntu0.18.04.1 | 2.22.2-0ubuntu0.18.04.1 |
| ubuntu/webkit2gtk | <2.22.2-1ubuntu1 | 2.22.2-1ubuntu1 |
| ubuntu/webkit2gtk | <2.22.2-1ubuntu1 | 2.22.2-1ubuntu1 |
| ubuntu/webkit2gtk | <2.22.2-1ubuntu1 | 2.22.2-1ubuntu1 |
| ubuntu/webkit2gtk | <2.22.2-1ubuntu1 | 2.22.2-1ubuntu1 |
| ubuntu/webkit2gtk | <2.22.2-1ubuntu1 | 2.22.2-1ubuntu1 |
| ubuntu/webkit2gtk | <2.22.2-1ubuntu1 | 2.22.2-1ubuntu1 |
| ubuntu/webkit2gtk | <2.22.2-1ubuntu1 | 2.22.2-1ubuntu1 |
| ubuntu/webkit2gtk | <2.22.2-1ubuntu1 | 2.22.2-1ubuntu1 |
| ubuntu/webkit2gtk | <2.22.2-1ubuntu1 | 2.22.2-1ubuntu1 |
| ubuntu/webkit2gtk | <2.22.2-1ubuntu1 | 2.22.2-1ubuntu1 |
| ubuntu/webkit2gtk | <2.22.2-1ubuntu1 | 2.22.2-1ubuntu1 |
| ubuntu/webkit2gtk | <2.22.2-1ubuntu1 | 2.22.2-1ubuntu1 |
| ubuntu/webkit2gtk | <2.22.0 | 2.22.0 |
| debian/webkit2gtk | 2.44.2-1~deb11u1 2.44.2-1~deb12u1 2.44.2-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/HT208695 (Advisory)
- https://support.apple.com/en-us/HT208697 (Advisory)
- https://support.apple.com/HT208693,
- https://support.apple.com/HT208695,
- https://support.apple.com/HT208696,
- https://support.apple.com/HT208697,
- https://support.apple.com/HT208698,
- https://support.apple.com/HT208694
- https://security.gentoo.org/glsa/201812-04
- https://usn.ubuntu.com/3781-1/
- https://launchpad.net/bugs/cve/CVE-2018-4212
- https://support.apple.com/en-us/HT208696 (Advisory)
- https://support.apple.com/en-us/HT208698 (Advisory)
- https://support.apple.com/en-us/HT208693 (Advisory)
- https://webkitgtk.org/security/WSA-2018-0007.html
- https://security-tracker.debian.org/tracker/CVE-2018-4212
- https://support.apple.com/HT208693%2C
- https://support.apple.com/HT208695%2C
- https://support.apple.com/HT208696%2C
- https://support.apple.com/HT208697%2C
- https://support.apple.com/HT208698%2C
- https://www.openwall.com/lists/oss-security/2018/09/29/1
- https://ubuntu.com/security/notices/USN-3781-1
- https://www.cve.org/CVERecord?id=CVE-2018-4212
- https://nvd.nist.gov/vuln/detail/CVE-2018-4212
- https://ubuntu.com/security/CVE-2018-4212
Parent vulnerabilities
(Appears in the following advisories)
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2018-4102
- CVE-2018-4116
- CVE-2018-4186
- CVE-2018-4137
- CVE-2018-4101
- CVE-2018-4114
- CVE-2018-4118
- CVE-2018-4119
- CVE-2018-4120
- CVE-2018-4121
- CVE-2018-4122
- CVE-2018-4125
- CVE-2018-4127
- CVE-2018-4128
- CVE-2018-4129
- CVE-2018-4130
- CVE-2018-4161
- CVE-2018-4162
- CVE-2018-4163
- CVE-2018-4165
- CVE-2018-4133
- CVE-2018-4113
- CVE-2018-4146
- CVE-2018-4117
- CVE-2018-4207
- CVE-2018-4208
- CVE-2018-4209
- CVE-2018-4210
- CVE-2018-4212
- CVE-2018-4213
- CVE-2018-4145
- CVE-2018-4144
- CVE-2018-4155
- CVE-2018-4158
- CVE-2018-4142
- CVE-2018-4167
- CVE-2018-4150
- CVE-2018-4104
- CVE-2018-4143
- CVE-2018-4185
- CVE-2017-15412
- CVE-2018-4390
- CVE-2018-4391
- CVE-2018-4166
- CVE-2018-4157
- CVE-2018-4115
- CVE-2018-4177
- CVE-2018-4123
- CVE-2018-4168
- CVE-2018-4172
- CVE-2018-4151
- CVE-2018-4187
- CVE-2018-4174
- CVE-2018-4156
- CVE-2018-4134
- CVE-2018-4149
- CVE-2018-4173
- CVE-2018-4154
- CVE-2018-4140
- CVE-2018-4148
- CVE-2018-4110
- CVE-2018-4131
Frequently Asked Questions
What is the severity of CVE-2018-4212?
The severity of CVE-2018-4212 is high with a severity value of 8.8.
Which software versions are affected by CVE-2018-4212?
CVE-2018-4212 affects iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, and iTunes before 12.7.4 for Windows.
How can I fix CVE-2018-4212?
To fix CVE-2018-4212, update to the patched versions of the affected software. Refer to the vendor's website for specific instructions.
Where can I find more information about CVE-2018-4212?
You can find more information about CVE-2018-4212 on the MITRE CVE database and the WebKitGTK website.
- collector/apple-support
- agent/type
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- agent/software-canonical-lookup-request
- agent/author
- agent/severity
- agent/description
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup
- collector/nvd-index
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- collector/usn-cve
- source/Ubuntu
- agent/references
- agent/tags
- collector/security-tracker-debian
- source/Debian
- agent/softwarecombine
- agent/trending
- vendor/apple
- canonical/apple safari
- canonical/apple icloud for windows
- canonical/apple watchos
- canonical/apple tvos
- canonical/apple ios
- canonical/apple iphone os
- canonical/apple icloud
- canonical/apple itunes
- vendor/microsoft
- canonical/microsoft windows
- vendor/canonical
- canonical/canonical ubuntu linux
- version/canonical ubuntu linux/18.04
- vendor/webkitgtk
- canonical/webkitgtk webkitgtk\+
- version/webkitgtk webkitgtk\+/2.22.0
- package-manager/ubuntu
- package-manager/debian