Published: 03/04/2018 Updated: 04/05/2018

CVSS v2 Base Score: 2.6 | Impact Score: 2.9 | Exploitability Score: 4.9

CVSS v3 Base Score: 4.7 | Impact Score: 3.6 | Exploitability Score: 1

VMScore: 231

Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N

An issue exists in certain Apple products. iOS prior to 11.2.5 is affected. macOS prior to 10.13.3 is affected. tvOS prior to 11.2.5 is affected. watchOS prior to 4.2.2 is affected. The issue involves the "Kernel" component. A race condition allows malicious users to bypass intended memory-read restrictions via a crafted app.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple apple tv
apple iphone os
apple mac os x
apple watchos

It's 2018 and your Macs, iPhones can be pwned by playing evil music

The Register • Shaun Nichols in San Francisco • 24 Jan 2018

Meanwhile, HomePod inches closer to actually shipping, allegedly

Apple has released security patches for iOS and macOS that include, among other things, Meltdown and Spectre fixes. The new versions should be installed as soon as possible. On macOS, the update will be delivered as High Sierra 10.13.3 or Security Update 2018-001 for Sierra and El Capitan machines. Headlining the security update is a patch for CVE-2017-5754, better known as Meltdown. The Intel processor bug allows malicious code to potentially read sensitive data and personal information, such a...

CVE-2018-4092

Vulnerability Summary

Recent Articles

References

Vulmon Search

About

Products

Connect