SB2018103111 - Multiple vulnerabilities in Apple tvOS
Published: October 31, 2018 Updated: August 7, 2023
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 15 secuirty vulnerabilities.
1) Information disclosure (CVE-ID: CVE-2018-4398)
The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.
The weakness exists due to an error in the Miller-Rabin primality test. A remote attacker can incorrectly identify prime numbers.
2) Heap-based buffer overflow (CVE-ID: CVE-2018-4394)
The vulnerability allows a remote attacker to cause DoS condition or execute arbitrary code on the target system.
The weakness exists due to boundary error in ICU component when handling malicious input. A remote attacker can trick the victim into processing a specially crafted string, trigger memory corruption and execute arbitrary code with elevated privileges.
Successful exploitation of the vulnerability may result in system compromise.
3) Out-of-bounds read (CVE-ID: CVE-2018-4371)
The vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists due to out-of-bounds read in IPSec component when handling malicious input. A local attacker can run a specially crafted application, trigger memory corruption and gain elevated privileges.
4) Memory corruption (CVE-ID: CVE-2018-4420)
The vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists due to boundary error in Kernel component when handling malicious input. A local attacker can run a specially crafted application, trigger memory corruption and execute arbitrary code with elevated privileges.
Successful exploitation of the vulnerability may result in system compromise.
5) Information disclosure (CVE-ID: CVE-2018-4413)
The vulnerability allows a local attacker to obtain potentially sensitive information on the target system.
The weakness exists due to boundary error in Kernel component when handling malicious input. A local attacker can run a specially crafted application, trigger memory corruption and read restricted memory.
6) Memory corruption (CVE-ID: CVE-2018-4419)
The vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists due to boundary error in Kernel component when handling malicious input. A local attacker can run a specially crafted application, trigger memory corruption and execute arbitrary code with elevated privileges.
Successful exploitation of the vulnerability may result in system compromise.
7) Memory leak (CVE-ID: CVE-2018-4369)
The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.
The weakness exists due to memory leak in NetworkExtension component. A remote attacker can connect to a VPN server and access DNS queries from a DNS proxy.
8) Memory corruption (CVE-ID: CVE-2018-4372)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to a boundary error in WebKit component when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with kernel privileges.
Successful exploitation of the vulnerability may result in system compromise.
9) Memory corruption (CVE-ID: CVE-2018-4382)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to a boundary error in WebKit component when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with kernel privileges.
Successful exploitation of the vulnerability may result in system compromise.
10) Memory corruption (CVE-ID: CVE-2018-4386)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to a boundary error in WebKit component when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with kernel privileges.
Successful exploitation of the vulnerability may result in system compromise.
11) Memory corruption (CVE-ID: CVE-2018-4392)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to a boundary error in WebKit component when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with kernel privileges.
Successful exploitation of the vulnerability may result in system compromise.
12) Memory corruption (CVE-ID: CVE-2018-4416)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to a boundary error in WebKit component when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with kernel privileges.
Successful exploitation of the vulnerability may result in system compromise.
13) Resource exhaustion (CVE-ID: CVE-2018-4409)
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to resource exhaustion in Webkit component when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, consume excessive resources and cause the service to crash.
14) Memory corruption (CVE-ID: CVE-2018-4378)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to a boundary error in WebKit component when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with kernel privileges.
Successful exploitation of the vulnerability may result in system compromise.
15) Improper input validation (CVE-ID: CVE-2018-4368)
The vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.
The weakness exists due to an error in WiFi component when handling malicious input. A remote attacker can supply a specially crafted input and cause the service to crash.
Remediation
Install update from vendor's website.