CVE-2018-4381: Input Validation

Reference Links

• https://support.apple.com/en-us/HT209192 (Advisory)
• https://support.apple.com/en-us/HT209194 (Advisory)
• https://support.apple.com/en-us/HT209195 (Advisory)

Parent vulnerabilities

(Appears in the following advisories)

• HT209195
• HT209194
• HT209192

Peer vulnerabilities

(Found alongside the following vulnerabilities)

• CVE-2018-4384
• CVE-2018-4398
• CVE-2018-4394
• CVE-2018-4371
• CVE-2018-4420
• CVE-2018-4413
• CVE-2018-4419
• CVE-2018-4381
• CVE-2018-4369
• CVE-2018-4374
• CVE-2018-4377
• CVE-2018-4400
• CVE-2018-4372
• CVE-2018-4373
• CVE-2018-4375
• CVE-2018-4376
• CVE-2018-4382
• CVE-2018-4386
• CVE-2018-4392
• CVE-2018-4416
• CVE-2018-4378
• CVE-2018-4368
• CVE-2018-4409
• CVE-2018-4339
• CVE-2018-4365
• CVE-2018-4366
• CVE-2018-4367
• CVE-2018-4427
• CVE-2018-4390
• CVE-2018-4391
• CVE-2018-4388
• CVE-2018-4387
• CVE-2018-4385

Frequently Asked Questions

• What is CVE-2018-4381?

  CVE-2018-4381 is a vulnerability that involves a resource exhaustion issue in the Mail application on Apple devices.

• What is the severity of CVE-2018-4381?

  The severity of CVE-2018-4381 is medium, with a severity value of 5.5.

• How does CVE-2018-4381 impact Apple devices?

  CVE-2018-4381 may lead to a denial of service on Apple devices when processing a maliciously crafted message in the Mail application.

• Which versions of watchOS are affected by CVE-2018-4381?

  watchOS version 5.1 and below are affected by CVE-2018-4381.

• How can I fix CVE-2018-4381?

  To fix CVE-2018-4381, update your affected Apple devices to tvOS 12.1, iOS 12.1, or watchOS 5.1.