Details of VAR-201904-1387

ID

VAR-201904-1387

CVE

CVE-2018-4427

TITLE

plural Apple Updates to product vulnerabilities

Trust: 1.6

sources: JVNDB: JVNDB-2018-010217 // JVNDB: JVNDB-2018-008908

DESCRIPTION

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to: iOS 12.1, watchOS 5.1.2, tvOS 12.1.1, macOS High Sierra 10.13.6 Security Update 2018-003 High Sierra, macOS Sierra 10.12.6 Security Update 2018-006. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: Detail is Apple See the information provided by. * HTTP Through the client AFP Server attack * Arbitrary code execution * information leak * Buffer overflow * Privilege escalation * Service operation interruption (DoS) * File system tampering * UI Spoofing * Limit avoidance * Cross-site scripting * Address bar impersonation. plural Apple The product has a memory corruption vulnerability due to incomplete memory handling.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Apple iOS is an operating system developed by Apple for mobile devices. IOHIDFamily is one of the kernel extensions (Abstract Interface for Human Interface Devices) component. A security vulnerability exists in the IOHIDFamily component in Apple iOS versions prior to 12.1. An attacker could exploit this vulnerability to execute arbitrary code with kernel privileges. CVE-2018-4462: Lilang Wu and Moony Li of TrendMicro Mobile Security Research Team Carbon Core Available for: macOS Mojave 10.14.1 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4463: Maksymilian Arciemowicz (cxsecurity.com) Disk Images Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.1 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4465: Pangu Team Intel Graphics Driver Available for: macOS Mojave 10.14.1 Impact: A local user may be able to cause unexpected system termination or read kernel memory Description: An out-of-bounds read was addressed with improved input validation. CVE-2018-4434: Zhuo Liang of Qihoo 360 Nirvan Team IOHIDFamily Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4427: Pangu Team Kernel Available for: macOS Mojave 10.14.1 Impact: An attacker in a privileged position may be able to perform a denial of service attack Description: A denial of service issue was addressed by removing the vulnerable code. CVE-2018-4460: Kevin Backhouse of Semmle Security Research Team Kernel Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.1 Impact: A local user may be able to read kernel memory Description: A memory initialization issue was addressed with improved memory handling. CVE-2018-4431: An independent security researcher has reported this vulnerability to Beyond Security's SecuriTeam Secure Disclosure program Kernel Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.1 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2018-4435: Jann Horn of Google Project Zero, Juwei Lin(@panicaII) and Junzhi Lu of TrendMicro Mobile Security Team Kernel Available for: macOS Mojave 10.14.1 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2018-4461: Ian Beer of Google Project Zero WindowServer Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.1 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4449: Hanqing Zhao, Yufeng Ruan and Kun Yang of Chaitin Security Research Lab CVE-2018-4450: Hanqing Zhao, Yufeng Ruan and Kun Yang of Chaitin Security Research Lab Additional recognition LibreSSL We would like to acknowledge Keegan Ryan of NCC Group for their assistance. NetAuth We would like to acknowledge Vladimir Ivanov of Digital Security for their assistance. Simple certificate enrollment protocol (SCEP) We would like to acknowledge Tim Cappalli of Aruba and a Hewlett Packard Enterprise company for their assistance. Installation note: macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Security Update 2018-006 Sierra may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlwINzopHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3FxTw// fUx30FH3eQXRRc/dlM5LgBdDqx/TOHtSwjiTLkVRHC1czz9ledAmHmGkg00z6b+p 5LsZNaZRUF3FVxuWUcm0rQQ+MpSj+BpCDZX0X+pXHX+QvNjad8ZcQsIqjtnJ1omZ jr2eUQtnkmbnaFX+TiesIN8tGBQ2Gve1/fqzrXdpqlF6j9U76gw4djI4JbAnLGxH IzjIp1FukQy1phfZZcHd++aEHvsQeJ0bT0INajqtNOkDQSZ0H7/NIW1BoUQlcpLG cqz+dwTYFwfqvNUmQ5PUTFXQJHxiVBRgMDdyesrVSKSuvEqTNAQKCOXMxayVbotf LBlghqpPr2XTS7enRkY87BU+aSdTTzjTX7fvQBOQgAJPb7L3FXhA/dCTHWV3RyWY 1qrTFOIvbfAtCjsBIqHC0nD5GWXB7vuxPvcYQXlNYl/MxMv3vAANHi8aI+YJ8Usp 6qLLD02Z4H4E8ZpmakqqFJT6ORGUIBpvqG9rYxhACTe/z2uqZ7scD4I4crpfPIIk WRyh17q87z+dTCIS4P9PbYdrx7Y8SHN8K9uaBmZVq9WqaAVtCet9S0zNBrLai2Sj ar3y5Sgso7RMI5KhB0IGNyS2LZL0a3ypQVfVEWpxoRjIHyI2sJSPAuXOLrwV6pRU +61jWoLyn0cbMWMEhfrw/ulTOcMBjIXV7EHZNge8H5Ex+L -----END PGP SIGNATURE-----

Trust: 3.24

sources: NVD: CVE-2018-4427 // JVNDB: JVNDB-2018-010217 // JVNDB: JVNDB-2018-008908 // JVNDB: JVNDB-2018-014868 // VULHUB: VHN-134458 // PACKETSTORM: 150669

AFFECTED PRODUCTS

vendor:	apple	model:	mac os x	scope:	lt	version:	10.14.2	Trust: 1.0
vendor:	apple	model:	tvos	scope:	lt	version:	12.1.1	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	lt	version:	12.1	Trust: 1.0
vendor:	apple	model:	watchos	scope:	lt	version:	5.1.2	Trust: 1.0
vendor:	apple	model:	icloud	scope:	lt	version:	for windows 7.9 earlier	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	12.1.1 earlier	Trust: 0.8
vendor:	apple	model:	itunes	scope:	lt	version:	12.9.2 for windows earlier	Trust: 0.8
vendor:	apple	model:	macos high sierra	scope:	eq	version:	(security update 2018-003 not applied )	Trust: 0.8
vendor:	apple	model:	macos mojave	scope:	lt	version:	10.14.2 earlier	Trust: 0.8
vendor:	apple	model:	macos sierra	scope:	eq	version:	(security update 2018-006 not applied )	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	12.0.2 earlier	Trust: 0.8
vendor:	apple	model:	tvos	scope:	lt	version:	12.1.1 earlier	Trust: 0.8
vendor:	apple	model:	watchos	scope:	lt	version:	5.1.2 earlier	Trust: 0.8
vendor:	apple	model:	icloud	scope:	lt	version:	for windows 7.8 earlier	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	12.1 earlier	Trust: 0.8
vendor:	apple	model:	itunes	scope:	lt	version:	12.9.1 earlier	Trust: 0.8
vendor:	apple	model:	macos high sierra	scope:	eq	version:	(security update 2018-001 not applied )	Trust: 0.8
vendor:	apple	model:	macos mojave	scope:	lt	version:	10.14.1 earlier	Trust: 0.8
vendor:	apple	model:	macos sierra	scope:	eq	version:	(security update 2018-005 not applied )	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	12.0.1 earlier	Trust: 0.8
vendor:	apple	model:	tvos	scope:	lt	version:	12.1 earlier	Trust: 0.8
vendor:	apple	model:	watchos	scope:	lt	version:	5.1 earlier	Trust: 0.8
vendor:	apple	model:	mac os x	scope:	eq	version:	10.12.6	Trust: 0.8
vendor:	apple	model:	mac os x	scope:	eq	version:	10.13.6	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	12.1 (ipad air or later )	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	12.1 (iphone 5s or later )	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	12.1 (ipod touch first 6 generation )	Trust: 0.8
vendor:	apple	model:	tvos	scope:	lt	version:	12.1.1 (apple tv 4k)	Trust: 0.8
vendor:	apple	model:	tvos	scope:	lt	version:	12.1.1 (apple tv first 4 generation )	Trust: 0.8
vendor:	apple	model:	watchos	scope:	lt	version:	5.1.2 (apple watch series 1 or later )	Trust: 0.8

sources: JVNDB: JVNDB-2018-010217 // JVNDB: JVNDB-2018-008908 // JVNDB: JVNDB-2018-014868 // NVD: CVE-2018-4427

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-4427
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-4427
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201810-1528
value:	HIGH
Trust: 0.6
VULHUB:	VHN-134458
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2018-4427
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-134458
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-4427
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-134458 // JVNDB: JVNDB-2018-014868 // CNNVD: CNNVD-201810-1528 // NVD: CVE-2018-4427

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-134458 // JVNDB: JVNDB-2018-014868 // NVD: CVE-2018-4427

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201810-1528

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201810-1528

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-010217

PATCH

title:	About the security content of macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Security Update 2018-006 Sierra	url:	https://support.apple.com/en-us/HT209341	Trust: 1.6
title:	About the security content of tvOS 12.1.1	url:	https://support.apple.com/en-us/HT209342	Trust: 1.6
title:	About the security content of watchOS 5.1.2	url:	https://support.apple.com/ja-jp/HT209343	Trust: 1.6
title:	About the security content of iOS 12.1	url:	https://support.apple.com/en-us/HT209192	Trust: 1.6
title:	About the security content of Safari 12.0.2	url:	https://support.apple.com/en-us/HT209344	Trust: 0.8
title:	About the security content of iCloud for Windows 7.9	url:	https://support.apple.com/en-us/HT209346	Trust: 0.8
title:	About the security content of iOS 12.1.1	url:	https://support.apple.com/en-us/HT209340	Trust: 0.8
title:	About the security content of iTunes 12.9.2 for Windows	url:	https://support.apple.com/en-us/HT209345	Trust: 0.8
title:	About the security content of iTunes 12.9.1	url:	https://support.apple.com/en-us/HT209197	Trust: 0.8
title:	About the security content of iCloud for Windows 7.8	url:	https://support.apple.com/en-us/HT209198	Trust: 0.8
title:	About the security content of Safari 12.0.1	url:	https://support.apple.com/en-us/HT209196	Trust: 0.8
title:	About the security content of macOS Mojave 10.14.1, Security Update 2018-001 High Sierra, Security Update 2018-005 Sierra	url:	https://support.apple.com/en-us/HT209193	Trust: 0.8
title:	About the security content of tvOS 12.1	url:	https://support.apple.com/en-us/HT209194	Trust: 0.8
title:	About the security content of watchOS 5.1	url:	https://support.apple.com/en-us/HT209195	Trust: 0.8
title:	HT209343	url:	https://support.apple.com/en-us/HT209343	Trust: 0.8
title:	HT209192	url:	https://support.apple.com/ja-jp/HT209192	Trust: 0.8
title:	HT209341	url:	https://support.apple.com/ja-jp/HT209341	Trust: 0.8
title:	HT209342	url:	https://support.apple.com/ja-jp/HT209342	Trust: 0.8
title:	Apple iOS IOHIDFamily Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86506	Trust: 0.6

sources: JVNDB: JVNDB-2018-010217 // JVNDB: JVNDB-2018-008908 // JVNDB: JVNDB-2018-014868 // CNNVD: CNNVD-201810-1528

EXTERNAL IDS

db:	NVD	id:	CVE-2018-4427	Trust: 2.6
db:	JVN	id:	JVNVU92431031	Trust: 1.6
db:	JVN	id:	JVNVU96365720	Trust: 1.6
db:	JVNDB	id:	JVNDB-2018-010217	Trust: 0.8
db:	JVNDB	id:	JVNDB-2018-008908	Trust: 0.8
db:	JVNDB	id:	JVNDB-2018-014868	Trust: 0.8
db:	CNNVD	id:	CNNVD-201810-1528	Trust: 0.7
db:	VULHUB	id:	VHN-134458	Trust: 0.1
db:	PACKETSTORM	id:	150669	Trust: 0.1

sources: VULHUB: VHN-134458 // JVNDB: JVNDB-2018-010217 // JVNDB: JVNDB-2018-008908 // JVNDB: JVNDB-2018-014868 // PACKETSTORM: 150669 // CNNVD: CNNVD-201810-1528 // NVD: CVE-2018-4427

REFERENCES

url:	https://support.apple.com/kb/ht209192	Trust: 1.7
url:	https://support.apple.com/kb/ht209341	Trust: 1.7
url:	https://support.apple.com/kb/ht209342	Trust: 1.7
url:	https://support.apple.com/kb/ht209343	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4427	Trust: 1.5
url:	https://jvn.jp/vu/jvnvu92431031/	Trust: 0.8
url:	https://jvn.jp/vu/jvnvu96365720/	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-4427	Trust: 0.8
url:	https://jvn.jp/vu/jvnvu96365720/index.html	Trust: 0.8
url:	https://jvn.jp/vu/jvnvu92431031/index.html	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4447	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4303	Trust: 0.1
url:	https://support.apple.com/kb/ht201222	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4431	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4465	Trust: 0.1
url:	https://www.apple.com/support/security/pgp/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4450	Trust: 0.1
url:	https://support.apple.com/downloads/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4460	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4463	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4449	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4434	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4435	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4462	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4461	Trust: 0.1

CREDITS

Apple

Trust: 0.1

sources: PACKETSTORM: 150669

SOURCES

db:	VULHUB	id:	VHN-134458
db:	JVNDB	id:	JVNDB-2018-010217
db:	JVNDB	id:	JVNDB-2018-008908
db:	JVNDB	id:	JVNDB-2018-014868
db:	PACKETSTORM	id:	150669
db:	CNNVD	id:	CNNVD-201810-1528
db:	NVD	id:	CVE-2018-4427

LAST UPDATE DATE

2024-11-23T20:40:47.653000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-134458	date:	2019-04-05T00:00:00
db:	JVNDB	id:	JVNDB-2018-010217	date:	2018-12-10T00:00:00
db:	JVNDB	id:	JVNDB-2018-008908	date:	2018-11-01T00:00:00
db:	JVNDB	id:	JVNDB-2018-014868	date:	2019-04-17T00:00:00
db:	CNNVD	id:	CNNVD-201810-1528	date:	2019-04-09T00:00:00
db:	NVD	id:	CVE-2018-4427	date:	2024-11-21T04:07:23.530

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-134458	date:	2019-04-03T00:00:00
db:	JVNDB	id:	JVNDB-2018-010217	date:	2018-12-07T00:00:00
db:	JVNDB	id:	JVNDB-2018-008908	date:	2018-11-01T00:00:00
db:	JVNDB	id:	JVNDB-2018-014868	date:	2019-04-17T00:00:00
db:	PACKETSTORM	id:	150669	date:	2018-12-06T18:55:48
db:	CNNVD	id:	CNNVD-201810-1528	date:	2018-10-31T00:00:00
db:	NVD	id:	CVE-2018-4427	date:	2019-04-03T18:29:15.347