CVE-2018-4282

MEDIUM

Description

An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2.

References

https://support.apple.com/kb/HT208935

https://support.apple.com/kb/HT208936

https://support.apple.com/kb/HT208938

Details

Source: MITRE

Published: 2019-04-03

Updated: 2019-04-04

Type: CWE-125

Risk Information

CVSS v2.0

Base Score: 4.9

Vector: AV:L/AC:L/Au:N/C:C/I:N/A:N

Impact Score: 6.9

Exploitability Score: 3.9

Severity: MEDIUM

CVSS v3.0

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Impact Score: 3.6

Exploitability Score: 1.8

Severity: MEDIUM