Published: 08/06/2018 Updated: 07/03/2019

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 828

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

An issue exists in certain Apple products. macOS prior to 10.13.5 is affected. The issue involves the "Hypervisor" component. It allows malicious users to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple mac os x

Full Disclosure mailing list archives   By Date By Thread </form>    APPLE-SA-2018-10-30-2 macOS Mojave 10141, Security Update 2018-001 High Sierra, Security Update 2018-005 Sierra <!-- ...

Full Disclosure mailing list archives   By Date By Thread </form>    APPLE-SA-2018-7-23-2 Additional information for APPLE-SA-2018-06-01-1 macOS High Sierra 10135, Security Update 2018-0 ...

Look at The XNU Through A Tube CVE-2018-4242 Write-up Zhuo Liang of Qihoo 360 Nirvan Team Contents 1 Introduction 1 11 CVE-2018-4242 1 2 The XNU Kernel 2 21 System Call 2 22 MIG 6 221 mach_msg And Mach port

CWE-119 https://support.apple.com/HT208849 http://www.securitytracker.com/id/1041027 http://www.securitytracker.com/id/1042004 https://nvd.nist.gov https://github.com/yeonnic/Look-at-The-XNU-Through-A-Tube-CVE-2018-4242-Write-up-Translation-http://seclists.org/fulldisclosure/2018/Nov/10

CVE-2018-4242

Vulnerability Summary

Vulnerability Trend

Mailing Lists

Github Repositories

References

Vulmon Search

About

Products

Connect