CVE-2018-4171: Infoleak
Bluetooth. An information disclosure issue existed in device properties. This issue was addressed with improved object management.
Other sources
An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Bluetooth" component. It allows attackers to obtain sensitive kernel memory-layout information via a crafted app that leverages device properties.
Credit
Affected Software
Event History
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2018-4196
- CVE-2018-4253
- CVE-2018-4256
- CVE-2018-4255
- CVE-2018-4254
- CVE-2018-4258
- CVE-2018-4257
- CVE-2018-7584
- CVE-2018-4219
- CVE-2018-5383
- CVE-2018-4171
- CVE-2018-4194
- CVE-2018-4180
- CVE-2018-4181
- CVE-2018-4182
- CVE-2018-4183
- CVE-2018-4478
- CVE-2018-4251
- CVE-2018-4211
- CVE-2018-4229
- CVE-2018-4159
- CVE-2018-4242
- CVE-2018-4202
- CVE-2018-4217
- CVE-2018-4141
- CVE-2018-4228
- CVE-2018-4236
- CVE-2018-4234
- CVE-2018-4249
- CVE-2018-8897
- CVE-2018-4241
- CVE-2018-4243
- CVE-2018-4237
- CVE-2018-4404
- CVE-2018-4227
- CVE-2018-4235
- CVE-2018-4240
- CVE-2018-4230
- CVE-2018-4221
- CVE-2018-4223
- CVE-2018-4224
- CVE-2018-4225
- CVE-2018-4226
- CVE-2018-4184
- CVE-2018-4198
- CVE-2018-4193
Frequently Asked Questions
What is CVE-2018-4171?
CVE-2018-4171 is an information disclosure vulnerability that affects certain Apple products, including macOS before version 10.13.5.
How does CVE-2018-4171 impact Bluetooth?
CVE-2018-4171 allows attackers to obtain sensitive kernel memory-layout information through a crafted app that leverages device properties in the Bluetooth component.
Which versions of macOS are affected by CVE-2018-4171?
macOS versions before 10.13.5 are affected by CVE-2018-4171.
What is the severity of CVE-2018-4171?
CVE-2018-4171 has a severity rating of 5.5 (High).
How can I fix CVE-2018-4171?
To fix CVE-2018-4171, update macOS to version 10.13.5 or later by following the instructions provided by Apple.