CVE-2018-4431: Infoleak
First published: Wed Dec 05 2018(Updated: )
A memory initialization issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2.
Credit: An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple iPhone OS | <12.1.1 | |
| Apple Mac OS X | <10.14.2 | |
| Apple tvOS | <12.1.1 | |
| Apple watchOS | <5.1.2 | |
| Apple iOS | <12.1.1 | 12.1.1 |
| Apple tvOS | <12.1.1 | 12.1.1 |
| Apple watchOS | <5.1.2 | 5.1.2 |
| Apple macOS Mojave | <10.14.2 | 10.14.2 |
| Apple High Sierra | ||
| Apple Sierra |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/kb/HT209340
- https://support.apple.com/kb/HT209341
- https://support.apple.com/kb/HT209342
- https://support.apple.com/kb/HT209343
- https://support.apple.com/en-us/HT209340 (Advisory)
- https://support.apple.com/en-us/HT209342 (Advisory)
- https://support.apple.com/en-us/HT209343 (Advisory)
- https://support.apple.com/en-us/HT209341 (Advisory)
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2018-4303
- CVE-2018-4427
- CVE-2018-4431
- CVE-2018-4448
- CVE-2018-4460
- CVE-2018-4447
- CVE-2018-4435
- CVE-2018-4461
- CVE-2018-4429
- CVE-2018-4436
- CVE-2018-4437
- CVE-2018-4464
- CVE-2018-4441
- CVE-2018-4442
- CVE-2018-4443
- CVE-2018-4438
- CVE-2018-4462
- CVE-2018-4463
- CVE-2018-4465
- CVE-2018-4467
- CVE-2018-4452
- CVE-2018-4434
- CVE-2018-4456
- CVE-2018-4421
- CVE-2018-4449
- CVE-2018-4450
- CVE-2018-4444
- CVE-2018-4430
- CVE-2018-4446
- CVE-2018-4439
- CVE-2018-4440
- CVE-2018-4445
- CVE-2018-4428
Frequently Asked Questions
What is CVE-2018-4431?
CVE-2018-4431 is a vulnerability related to a memory initialization issue in the kernel of Apple devices.
Which devices are affected by CVE-2018-4431?
CVE-2018-4431 affects iOS versions prior to 12.1.1, macOS Mojave versions prior to 10.14.2, tvOS versions prior to 12.1.1, and watchOS versions prior to 5.1.2.
What is the severity of CVE-2018-4431?
The severity of CVE-2018-4431 is medium with a severity value of 5.5.
How can I fix CVE-2018-4431?
To fix CVE-2018-4431, update your device to iOS 12.1.1 or later, macOS Mojave 10.14.2 or later, tvOS 12.1.1 or later, or watchOS 5.1.2 or later.
Where can I find more information about CVE-2018-4431?
You can find more information about CVE-2018-4431 on the Apple support page: [link](https://support.apple.com/kb/HT209340).
- agent/references
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/apple-support
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/tags
- agent/event
- agent/trending
- vendor/apple
- canonical/apple watchos
- canonical/apple macos mojave
- canonical/apple high sierra
- canonical/apple sierra
- canonical/apple iphone os
- canonical/apple mac os x
- canonical/apple tvos
- canonical/apple ios