CVE-2018-4236: Buffer Overflow
IOGraphics. A memory corruption issue was addressed with improved memory handling.
Other sources
An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "IOGraphics" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
Credit
Affected Software
Event History
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2018-4196
- CVE-2018-4253
- CVE-2018-4256
- CVE-2018-4255
- CVE-2018-4254
- CVE-2018-4258
- CVE-2018-4257
- CVE-2018-7584
- CVE-2018-4219
- CVE-2018-5383
- CVE-2018-4171
- CVE-2018-4194
- CVE-2018-4180
- CVE-2018-4181
- CVE-2018-4182
- CVE-2018-4183
- CVE-2018-4478
- CVE-2018-4251
- CVE-2018-4211
- CVE-2018-4229
- CVE-2018-4159
- CVE-2018-4242
- CVE-2018-4202
- CVE-2018-4217
- CVE-2018-4141
- CVE-2018-4228
- CVE-2018-4236
- CVE-2018-4234
- CVE-2018-4249
- CVE-2018-8897
- CVE-2018-4241
- CVE-2018-4243
- CVE-2018-4237
- CVE-2018-4404
- CVE-2018-4227
- CVE-2018-4235
- CVE-2018-4240
- CVE-2018-4230
- CVE-2018-4221
- CVE-2018-4223
- CVE-2018-4224
- CVE-2018-4225
- CVE-2018-4226
- CVE-2018-4184
- CVE-2018-4198
- CVE-2018-4193
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2018-4236.
What is the severity of CVE-2018-4236?
CVE-2018-4236 has a severity rating of 7.8 (critical).
Which Apple products are affected by CVE-2018-4236?
macOS before 10.13.5, macOS High Sierra up to 10.13.5, Sierra, and El Capitan are affected by CVE-2018-4236.
What is the impact of CVE-2018-4236?
CVE-2018-4236 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) through a crafted app.
How can I fix CVE-2018-4236?
Update to macOS 10.13.5 or later to fix CVE-2018-4236.