What is CVE-2018-4442?

CVE-2018-4442 is a vulnerability in WebKit that allows memory corruption and has been addressed in various Apple software versions.

How does CVE-2018-4442 affect iOS?

CVE-2018-4442 affects iOS versions prior to 12.1.1.

How does CVE-2018-4442 affect tvOS?

CVE-2018-4442 affects tvOS versions prior to 12.1.1.

How does CVE-2018-4442 affect watchOS?

CVE-2018-4442 affects watchOS versions prior to 5.1.2.

How does CVE-2018-4442 affect Safari?

CVE-2018-4442 affects Safari versions prior to 12.0.2.

How does CVE-2018-4442 affect iTunes for Windows?

CVE-2018-4442 affects iTunes for Windows versions prior to 12.9.2.

How do I fix CVE-2018-4442?

To fix CVE-2018-4442, you need to update to iOS 12.1.1 or later, tvOS 12.1.1 or later, watchOS 5.1.2 or later, Safari 12.0.2 or later, iTunes for Windows 12.9.2 or later.

Vulnerability/
CVE-2018-4442

high

8.8

CWE

119

5/12/2018

3/4/2019

5/8/2024

CVE-2018-4442: Buffer Overflow

First published: Wed Dec 05 2018(Updated: )

WebKit. A memory corruption issue was addressed with improved memory handling.

Credit: lokihardt Google Project Zero product-security@apple.com

Affected Software	Affected Version	How to fix
tvOS	<12.1.1	12.1.1
Apple Mobile Safari	<12.0.2	12.0.2
Apple iOS, iPadOS, and watchOS	<12.1.1	12.1.1
Apple iOS, iPadOS, and watchOS	<5.1.2	5.1.2
Apple iCloud	<7.9	7.9
Apple Mobile Safari	<12.0.2
iStyle @cosme iPhone OS	<12.1.1
tvOS	<12.1.1
Apple iOS, iPadOS, and watchOS	<5.1.2
iCloud Drive	<7.9
iTunes	<12.9.2
Microsoft Windows
iTunes	<12.9.2	12.9.2

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

Peer vulnerabilities

(Found alongside the following vulnerabilities)

Frequently Asked Questions

What is CVE-2018-4442?
CVE-2018-4442 is a vulnerability in WebKit that allows memory corruption and has been addressed in various Apple software versions.
How does CVE-2018-4442 affect iOS?
CVE-2018-4442 affects iOS versions prior to 12.1.1.
How does CVE-2018-4442 affect tvOS?
CVE-2018-4442 affects tvOS versions prior to 12.1.1.
How does CVE-2018-4442 affect watchOS?
CVE-2018-4442 affects watchOS versions prior to 5.1.2.
How does CVE-2018-4442 affect Safari?
CVE-2018-4442 affects Safari versions prior to 12.0.2.
How does CVE-2018-4442 affect iTunes for Windows?
CVE-2018-4442 affects iTunes for Windows versions prior to 12.9.2.
How do I fix CVE-2018-4442?
To fix CVE-2018-4442, you need to update to iOS 12.1.1 or later, tvOS 12.1.1 or later, watchOS 5.1.2 or later, Safari 12.0.2 or later, iTunes for Windows 12.9.2 or later.

agent/type
agent/first-publish-date
agent/weakness
agent/references
agent/severity
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/event
agent/trending
agent/source
collector/apple-support
alias/CVE-2018-4442
alias/CVE-2018-4443
agent/software-canonical-lookup-request
agent/author
agent/softwarecombine
agent/tags
collector/nvd-index
vendor/apple
canonical/tvos
canonical/apple mobile safari
canonical/apple ios, ipados, and watchos
canonical/apple icloud
canonical/istyle @cosme iphone os
canonical/icloud drive
canonical/itunes
vendor/microsoft
canonical/microsoft windows