CVE-2018-4344: Apple Multiple Products Memory Corruption Vulnerability
First published: Mon Sep 17 2018(Updated: )
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
Credit: Brandon Azad Ian Beer Google Project ZeroMohamed Ghannam @_simo36 The UK's National Cyber Security Centre (NCSC) cc Trend Micro's Zero Day InitiativeJuwei Lin @panicaII Trend Micro working with Trend Micro's Zero Day Initiativecc Trend MicroJuwei Lin @panicaII Trend Micro working with Trend Micro product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple Multiple Products | ||
| tvOS | <12 | 12 |
| macOS Mojave | <10.14 | 10.14 |
| Apple iOS, iPadOS, and watchOS | <12 | 12 |
| Apple iOS, iPadOS, and watchOS | <5 | 5 |
| iStyle @cosme iPhone OS | <12.0 | |
| Apple iOS and macOS | <10.14 | |
| tvOS | <12 | |
| Apple iOS, iPadOS, and watchOS | <5.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/HT209108 (Advisory)
- https://support.apple.com/en-us/HT209139 (Advisory)
- https://support.apple.com/kb/HT209106
- https://support.apple.com/kb/HT209107
- https://support.apple.com/kb/HT209108
- https://support.apple.com/kb/HT209139
- https://support.apple.com/en-us/HT209107 (Advisory)
- https://support.apple.com/en-us/HT209106 (Advisory)
- https://nvd.nist.gov/vuln/detail/CVE-2018-4344
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2018-4321
- CVE-2018-5383
- CVE-2018-4126
- CVE-2018-4412
- CVE-2018-4414
- CVE-2018-4347
- CVE-2018-4433
- CVE-2018-4426
- CVE-2018-4331
- CVE-2018-4332
- CVE-2018-4343
- CVE-2018-4408
- CVE-2018-4341
- CVE-2018-4354
- CVE-2018-4383
- CVE-2018-4401
- CVE-2018-4305
- CVE-2018-4399
- CVE-2018-4407
- CVE-2018-4363
- CVE-2018-4336
- CVE-2018-4337
- CVE-2018-4340
- CVE-2018-4344
- CVE-2018-4425
- CVE-2018-4313
- CVE-2016-1777
- CVE-2018-4395
- CVE-2018-4203
- CVE-2018-4304
- CVE-2018-4316
- CVE-2018-4345
- CVE-2018-4191
- CVE-2018-4299
- CVE-2018-4359
- CVE-2018-4323
- CVE-2018-4358
- CVE-2018-4328
- CVE-2018-4197
- CVE-2018-4318
- CVE-2018-4306
- CVE-2018-4312
- CVE-2018-4314
- CVE-2018-4315
- CVE-2018-4317
- CVE-2018-4309
- CVE-2018-4361
- CVE-2018-4474
- CVE-2018-4360
- CVE-2018-4295
- CVE-2018-4324
- CVE-2018-4417
- CVE-2018-4353
- CVE-2017-12613
- CVE-2017-12618
- CVE-2018-4411
- CVE-2018-4308
- CVE-2018-4333
- CVE-2018-4153
- CVE-2018-4406
- CVE-2018-4346
- CVE-2018-4296
- CVE-2019-8643
- CVE-2017-5731
- CVE-2017-5732
- CVE-2017-5733
- CVE-2017-5734
- CVE-2017-5735
- CVE-2018-3646
- CVE-2018-4355
- CVE-2018-4396
- CVE-2018-4418
- CVE-2018-4351
- CVE-2018-4350
- CVE-2018-4334
- CVE-2018-4451
- CVE-2018-4456
- CVE-2015-3194
- CVE-2015-5333
- CVE-2015-5334
- CVE-2016-0702
- CVE-2018-4348
- CVE-2018-4326
- CVE-2018-4310
- CVE-2018-3639
- CVE-2018-4393
- CVE-2018-4338
- CVE-2018-4322
- CVE-2018-4356
- CVE-2018-4335
- CVE-2018-4352
- CVE-2018-4329
- CVE-2018-4307
- CVE-2018-4362
- CVE-2018-4325
- CVE-2018-4311
- CVE-2018-4319
Frequently Asked Questions
What is the vulnerability ID for this memory corruption issue?
The vulnerability ID for this memory corruption issue is CVE-2018-4344.
What is the severity of CVE-2018-4344?
The severity of CVE-2018-4344 is critical.
Which Apple products are affected by CVE-2018-4344?
CVE-2018-4344 affects the following Apple products: iPhone OS prior to version 12.0, macOS Mojave prior to version 10.14, tvOS prior to version 12, and watchOS prior to version 5.0.
How can I fix CVE-2018-4344?
To fix CVE-2018-4344, update your iPhone to iOS 12.0 or later, update your macOS to Mojave 10.14 or later, update your tvOS to version 12 or later, and update your watchOS to version 5.0 or later.
Where can I find more information about CVE-2018-4344?
You can find more information about CVE-2018-4344 on the Apple support page: [link](https://support.apple.com/kb/HT209106)
- agent/type
- agent/first-publish-date
- agent/title
- agent/weakness
- agent/description
- exploited/true
- collector/cisa-known-exploited
- source/CISA
- agent/software-canonical-lookup
- agent/references
- agent/event
- agent/trending
- agent/source
- agent/severity
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- collector/apple-support
- alias/CVE-2018-4337
- alias/CVE-2018-4340
- alias/CVE-2018-4344
- alias/CVE-2018-4425
- agent/software-canonical-lookup-request
- agent/author
- agent/tags
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- collector/nvd-cve
- collector/nvd-index
- vendor/apple
- canonical/apple multiple products
- canonical/tvos
- canonical/macos mojave
- canonical/apple ios, ipados, and watchos
- canonical/istyle @cosme iphone os
- canonical/apple ios and macos