CVE-2018-4108: Input Validation
Disk Management. An injection issue was addressed through improved input validation.
Other sources
An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "Disk Management" component. It allows attackers to trigger truncation of an APFS volume password via an unspecified injection.
Credit
Affected Software
Event History
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2018-4170
- CVE-2018-4105
- CVE-2018-4112
- CVE-2018-4166
- CVE-2018-4155
- CVE-2018-4158
- CVE-2018-4142
- CVE-2017-13890
- CVE-2017-8816
- CVE-2018-4176
- CVE-2018-4108
- CVE-2017-13080
- CVE-2018-4167
- CVE-2018-4151
- CVE-2018-4132
- CVE-2018-4135
- CVE-2018-4150
- CVE-2018-4104
- CVE-2018-4143
- CVE-2018-4136
- CVE-2018-4160
- CVE-2018-4185
- CVE-2018-4139
- CVE-2018-4175
- CVE-2017-15412
- CVE-2018-4187
- CVE-2018-4179
- CVE-2018-4111
- CVE-2018-4174
- CVE-2018-4152
- CVE-2017-7151
- CVE-2018-4138
- CVE-2018-4107
- CVE-2018-4156
- CVE-2018-4157
- CVE-2018-4298
- CVE-2018-4144
- CVE-2017-13911
- CVE-2018-4173
- CVE-2018-4154
- CVE-2018-4115
- CVE-2018-4106
- CVE-2018-4131
Frequently Asked Questions
What is the vulnerability identifier for this issue?
The vulnerability identifier for this issue is CVE-2018-4108.
What is the severity of CVE-2018-4108?
The severity of CVE-2018-4108 is critical with a severity value of 9.8.
Which versions of macOS are affected by this vulnerability?
macOS versions before 10.13.4 are affected by this vulnerability.
What is the impact of CVE-2018-4108?
The impact of CVE-2018-4108 is that attackers can trigger truncation of an APFS volume password via an unspecified injection.
Are there any fixes or patches available for this vulnerability?
Yes, Apple has released a fix for this vulnerability in macOS 10.13.4.