CVE-2018-4135: Buffer Overflow
IOFireWireFamily. A memory corruption issue was addressed with improved memory handling.
Other sources
An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "IOFireWireFamily" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
Credit
Affected Software
Event History
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2018-4170
- CVE-2018-4105
- CVE-2018-4112
- CVE-2018-4166
- CVE-2018-4155
- CVE-2018-4158
- CVE-2018-4142
- CVE-2017-13890
- CVE-2017-8816
- CVE-2018-4176
- CVE-2018-4108
- CVE-2017-13080
- CVE-2018-4167
- CVE-2018-4151
- CVE-2018-4132
- CVE-2018-4135
- CVE-2018-4150
- CVE-2018-4104
- CVE-2018-4143
- CVE-2018-4136
- CVE-2018-4160
- CVE-2018-4185
- CVE-2018-4139
- CVE-2018-4175
- CVE-2017-15412
- CVE-2018-4187
- CVE-2018-4179
- CVE-2018-4111
- CVE-2018-4174
- CVE-2018-4152
- CVE-2017-7151
- CVE-2018-4138
- CVE-2018-4107
- CVE-2018-4156
- CVE-2018-4157
- CVE-2018-4298
- CVE-2018-4144
- CVE-2017-13911
- CVE-2018-4173
- CVE-2018-4154
- CVE-2018-4115
- CVE-2018-4106
- CVE-2018-4131
Frequently Asked Questions
What is CVE-2018-4135?
CVE-2018-4135 is a memory corruption vulnerability in the IOFireWireFamily component of certain Apple products.
How does CVE-2018-4135 affect macOS?
CVE-2018-4135 affects macOS versions before 10.13.4.
What is the severity of CVE-2018-4135?
The severity of CVE-2018-4135 is critical with a severity score of 7.8.
How can CVE-2018-4135 be exploited?
CVE-2018-4135 can be exploited by executing arbitrary code in a privileged context or causing a denial of service through memory corruption via a crafted app.
How can CVE-2018-4135 be fixed?
To fix CVE-2018-4135, update macOS to version 10.13.4 or later.