CVE-2018-4330

Published: 11/01/2019 Updated: 12/01/2019

Vulnerability Summary

In iOS before 11.4, a memory corruption issue exists and was addressed with improved memory handling.

Github Repositories

toothfairy Related to brokentooth (linked below). Unlike brokentooth, toothfairy does not require pressing buttons on the Bluetooth menu. Both CVEs were revealed by @SparkZheng but with no POC, so I decided to make a POC for the learning experience. The code is not perfect but it does the job. Tested on iPhone 6S 11.3.1. Should work until 11.4. Lets you set the PC (ARM

brokentooth POC for CVE-2018-4327 (at least I think so, since CVE-2018-4327 and CVE-2018-4330 were both written about by @SparkZheng but it does not say which one relates to which bug; since he described this one first, I'm taking a guess). Tested on iPhone 6S 11.3.1. Should work until 11.4. Lets you set the PC (ARM's version of the IP register) to a value of y