CVE-2018-4255: Input Validation

Q: What is CVE-2018-4255?

CVE-2018-4255 is a vulnerability in macOS High Sierra before 10.13.5 that allows for an out-of-bounds read due to improved input validation.

Q: How severe is CVE-2018-4255?

The severity of CVE-2018-4255 is medium with a CVSS score of 5.5.

Q: How does CVE-2018-4255 affect Apple Mac OS X?

CVE-2018-4255 affects Apple Mac OS X versions up to and excluding 10.13.5.

Q: How do I fix CVE-2018-4255 on macOS High Sierra?

To fix CVE-2018-4255 on macOS High Sierra, update to version 10.13.5 or later.

Q: Where can I find more information about CVE-2018-4255?

More information about CVE-2018-4255 can be found on the Apple support page: https://support.apple.com/HT208849

Published Jun 1, 2018

Updated

AMD. An out-of-bounds read was addressed with improved input validation.

Other sources

In macOS High Sierra before 10.13.5, an out-of-bounds read was addressed with improved input validation.

Credit

shrek_wzw(Qihoo 360 Nirvan Team)

Affected Software

4 affected componentsFixes available

Apple macOS High Sierra<10.13.5

10.13.5

Apple Sierra

Apple El Capitan

Apple iOS and macOS<10.13.5

Event History

Jan 11, 2019

CVE Published

via MITRE·06:00 PM

Data Sourced

via MITRE·06:00 PM

Description

Parent advisories

This vulnerability appears in the following advisories.

HT208849

Frequently Asked Questions

What is CVE-2018-4255?

CVE-2018-4255 is a vulnerability in macOS High Sierra before 10.13.5 that allows for an out-of-bounds read due to improved input validation.

How severe is CVE-2018-4255?

The severity of CVE-2018-4255 is medium with a CVSS score of 5.5.

How does CVE-2018-4255 affect Apple Mac OS X?

CVE-2018-4255 affects Apple Mac OS X versions up to and excluding 10.13.5.

How do I fix CVE-2018-4255 on macOS High Sierra?