CVE-2018-4283 — Out-of-bounds Read in Apple Macos High Sierra 10.13.6 Security Update 2018-004 Sierra Security Update 2018-0

CWE-125 — Out-of-bounds Read3 documents3 sources

Severity

5.5MEDIUMNVD

EPSS

0.1%

top 81.38%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple MAC OS X Apple Macos High Sierra 10.13.6 Security Update 2018-004 Sierra Security Update 2018-0

Timeline

PublishedApr 3

Latest updateMay 13

Description

An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue affected versions prior to macOS High Sierra 10.13.6.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

▶Appleapple/macos_high_sierra_10.13.6_security_update_2018-004_sierra_security_update_2018-0

▶NVDapple/mac_os_x< 10.13.6

🔴Vulnerability Details

GHSA

GHSA-pgcp-c398-67pq: An out-of-bounds read issue existed that led to the disclosure of kernel memory↗2022-05-13

▶

📋Vendor Advisories

Apple

CVE-2018-4283: macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan↗2018-07-09

▶