CVE-2018-4228: Race Condition
IOFireWireAVC. A race condition was addressed with improved locking.
Other sources
An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "IOFireWireAVC" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app that leverages a race condition.
Credit
Affected Software
Event History
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2018-4196
- CVE-2018-4253
- CVE-2018-4256
- CVE-2018-4255
- CVE-2018-4254
- CVE-2018-4258
- CVE-2018-4257
- CVE-2018-7584
- CVE-2018-4219
- CVE-2018-5383
- CVE-2018-4171
- CVE-2018-4194
- CVE-2018-4180
- CVE-2018-4181
- CVE-2018-4182
- CVE-2018-4183
- CVE-2018-4478
- CVE-2018-4251
- CVE-2018-4211
- CVE-2018-4229
- CVE-2018-4159
- CVE-2018-4242
- CVE-2018-4202
- CVE-2018-4217
- CVE-2018-4141
- CVE-2018-4228
- CVE-2018-4236
- CVE-2018-4234
- CVE-2018-4249
- CVE-2018-8897
- CVE-2018-4241
- CVE-2018-4243
- CVE-2018-4237
- CVE-2018-4404
- CVE-2018-4227
- CVE-2018-4235
- CVE-2018-4240
- CVE-2018-4230
- CVE-2018-4221
- CVE-2018-4223
- CVE-2018-4224
- CVE-2018-4225
- CVE-2018-4226
- CVE-2018-4184
- CVE-2018-4198
- CVE-2018-4193
Frequently Asked Questions
What is CVE-2018-4228?
CVE-2018-4228 is a vulnerability that affects certain Apple products, including macOS before version 10.13.5, and involves the "IOFireWireAVC" component.
What is the severity of CVE-2018-4228?
CVE-2018-4228 has a severity level of high, with a severity value of 7.
How does CVE-2018-4228 work?
CVE-2018-4228 exploits a race condition, allowing attackers to execute arbitrary code in a privileged context via a crafted app.
Which Apple products are affected by CVE-2018-4228?
macOS before version 10.13.5, macOS High Sierra (up to version 10.13.5), Sierra, and El Capitan are affected by CVE-2018-4228.
How can I fix CVE-2018-4228?
To fix CVE-2018-4228, update to macOS version 10.13.5 or later.