CVE-2018-4136: Critical severity macOS High Sierra vulnerability
Kernel. An out-of-bounds read was addressed through improved bounds checking.
Other sources
An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds read) via a crafted app.
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2018-4170
- CVE-2018-4105
- CVE-2018-4112
- CVE-2018-4166
- CVE-2018-4155
- CVE-2018-4158
- CVE-2018-4142
- CVE-2017-13890
- CVE-2017-8816
- CVE-2018-4176
- CVE-2018-4108
- CVE-2017-13080
- CVE-2018-4167
- CVE-2018-4151
- CVE-2018-4132
- CVE-2018-4135
- CVE-2018-4150
- CVE-2018-4104
- CVE-2018-4143
- CVE-2018-4136
- CVE-2018-4160
- CVE-2018-4185
- CVE-2018-4139
- CVE-2018-4175
- CVE-2017-15412
- CVE-2018-4187
- CVE-2018-4179
- CVE-2018-4111
- CVE-2018-4174
- CVE-2018-4152
- CVE-2017-7151
- CVE-2018-4138
- CVE-2018-4107
- CVE-2018-4156
- CVE-2018-4157
- CVE-2018-4298
- CVE-2018-4144
- CVE-2017-13911
- CVE-2018-4173
- CVE-2018-4154
- CVE-2018-4115
- CVE-2018-4106
- CVE-2018-4131
Frequently Asked Questions
What is CVE-2018-4136?
CVE-2018-4136 is a vulnerability in certain Apple products, specifically macOS before 10.13.4, that allows attackers to execute arbitrary code or cause a denial of service through an out-of-bounds read.
How severe is CVE-2018-4136?
CVE-2018-4136 has a severity rating of 7.8, which is considered critical.
Which software versions are affected by CVE-2018-4136?
macOS versions before 10.13.4 are affected by CVE-2018-4136.
How can an attacker exploit CVE-2018-4136?
An attacker can exploit CVE-2018-4136 by using a crafted app to execute arbitrary code in a privileged context or cause a denial of service through an out-of-bounds read.
Is there a fix available for CVE-2018-4136?
Yes, the fix for CVE-2018-4136 is included in macOS 10.13.4 and later versions.