First published: Wed Dec 05 2018(Updated: )
A memory corruption issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2.
Credit: Juwei Lin @panicaII Zhengyu Dong TrendMicro Mobile Security Team working with Trend MicroJuwei Lin @panicaII Zhengyu Dong TrendMicro Mobile Security Team working with Trend MicroJuwei Lin @panicaII Zhengyu Dong TrendMicro Mobile Security Team working with Trend MicroJuwei Lin @panicaII Zhengyu Dong TrendMicro Mobile Security Team working with Trend Micro product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple iPhone OS | <12.1.1 | |
Apple Mac OS X | <10.14.2 | |
Apple tvOS | <12.1.1 | |
Apple watchOS | <5.1.2 | |
Apple iOS | <12.1.1 | 12.1.1 |
Apple tvOS | <12.1.1 | 12.1.1 |
Apple watchOS | <5.1.2 | 5.1.2 |
Apple macOS Mojave | <10.14.2 | 10.14.2 |
Apple High Sierra | ||
Apple Sierra |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
The severity of CVE-2018-4447 is critical with a CVSS score of 7.8.
Versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, and watchOS 5.1.2 are affected by CVE-2018-4447.
To fix CVE-2018-4447, you should update to iOS 12.1.1 or later, macOS Mojave 10.14.2 or later, tvOS 12.1.1 or later, and watchOS 5.1.2 or later.
You can find more information about CVE-2018-4447 on the Apple support website. Here are some references: [HT209340](https://support.apple.com/kb/HT209340), [HT209341](https://support.apple.com/kb/HT209341), [HT209342](https://support.apple.com/kb/HT209342).
CVE-2018-4447 belongs to the CWE category 119 (Improper Restriction of Operations within the Bounds of a Memory Buffer).