CVE-2018-4460: Input Validation

Q: What is the vulnerability ID for this issue?

The vulnerability ID for this issue is CVE-2018-4460.

Q: What is the severity of CVE-2018-4460?

The severity of CVE-2018-4460 is medium.

Q: Which software versions are affected by CVE-2018-4460?

CVE-2018-4460 affects versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, and watchOS 5.1.2.

Q: How was CVE-2018-4460 addressed?

CVE-2018-4460 was addressed by removing the vulnerable code.

Q: Where can I find more information about CVE-2018-4460?

You can find more information about CVE-2018-4460 on Apple's support page: [link](https://support.apple.com/kb/HT209340).

Published Dec 5, 2018

Updated

A denial of service issue was addressed by removing the vulnerable code. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2.

Other sources

Kernel. A denial of service issue was addressed by removing the vulnerable code.

Credit

Kevin Backhouse(Semmle Security Research Team)

Affected Software

10 affected componentsFixes available

Apple tvOS<12.1.1

12.1.1

Apple macOS Mojave<10.14.2

10.14.2

Apple High Sierra

Apple Sierra

Apple WatchOS<5.1.2

5.1.2

Apple iOS<12.1.1

12.1.1

Apple iPhone OS<12.1.1

Apple iOS and macOS<10.14.2

Apple tvOS<12.1.1

Apple WatchOS<5.1.2

Event History

Apr 3, 2019

CVE Published

via MITRE·05:43 PM

Data Sourced

via MITRE·05:43 PM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

Frequently Asked Questions

What is the vulnerability ID for this issue?

The vulnerability ID for this issue is CVE-2018-4460.

What is the severity of CVE-2018-4460?

The severity of CVE-2018-4460 is medium.

Which software versions are affected by CVE-2018-4460?

CVE-2018-4460 affects versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, and watchOS 5.1.2.

How was CVE-2018-4460 addressed?