CVE-2018-6336
First published: Mon Dec 31 2018(Updated: )
An issue was discovered in osquery. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious unsigned code will execute. This issue affects osquery prior to v3.2.7
Credit: cve-assign@fb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linuxfoundation Osquery | <3.2.7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2018-6336?
CVE-2018-6336 has a medium severity rating due to the potential for malicious code execution.
How do I fix CVE-2018-6336?
To fix CVE-2018-6336, update osquery to version 3.2.8 or later where the vulnerability is addressed.
What software versions are affected by CVE-2018-6336?
All versions of osquery prior to 3.2.8 are affected by CVE-2018-6336.
What are the implications of CVE-2018-6336?
CVE-2018-6336 allows attackers to potentially execute malicious code disguised as a signed application, undermining third-party code signing checks.
Who is impacted by CVE-2018-6336?
Users of osquery versions before 3.2.8, especially those relying on third-party code verification, are impacted by CVE-2018-6336.
- collector/nvd-index
- agent/weakness
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/references
- agent/author
- agent/tags
- agent/description
- agent/event
- agent/source
- vendor/linuxfoundation
- canonical/linuxfoundation osquery