CVE-2018-4150

HIGH

iPhone OS < 11.3, macOS < 10.13.4, tvOS < 11.3, watchOS < 4.3 - Kernel Memory Corruption via Crafted App

Exploitation Summary

EIP tracks 3 public exploits for CVE-2018-4150. PoCs published by Jailbreaks, littlelailo, mirdhan.

AI-analyzed exploit summary: This PoC exploits a race condition in the BSD Packet Filter (BPF) implementation (CVE-2018-4150) to achieve a buffer overflow by manipulating BIOCSDLT and BIOCSBLEN ioctls. It targets iOS up to 11.2.6 and demonstrates the vulnerability by sending a crafted packet to trigger the overflow.

Description

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

Exploits (3)

nomisec WORKING POC 14 stars
by Jailbreaks · poc
https://github.com/Jailbreaks/CVE-2018-4150

This PoC exploits a race condition in the BSD Packet Filter (BPF) implementation (CVE-2018-4150) to achieve a buffer overflow by manipulating BIOCSDLT and BIOCSBLEN ioctls. It targets iOS up to 11.2.6 and demonstrates the vulnerability by sending a crafted packet to trigger the overflow.

Classification: Working PoC 95%
Attack Type: LPE
Complexity: Moderate
Reliability: Racy
Target: iOS (up to 11.2.6)
No auth needed
Prerequisites: Access to a vulnerable iOS device · Ability to execute code on the target device
devstral-2 · analyzed Feb 16, 2026

nomisec STUB
by mirdhan · poc
https://github.com/mirdhan/LovelySn0w

The repository contains an incomplete exploit for CVE-2018-4150, targeting iOS. The exploit.c file is a stub with minimal code, and the README indicates the project is unfinished and non-functional.

Classification: Stub 90%
Attack Type: LPE
Complexity: Theoretical
Reliability: Theoretical
Target: iOS (version not specified)
No auth needed
Prerequisites: iOS device with vulnerability present
devstral-2 · analyzed Feb 16, 2026

References (6)

Core References
Vendor Advisory (x_refsource_confirm): https://support.apple.com/HT208692
Third Party Advisory, VDB Entry (vdb-entry, x_refsource_sectrack): http://www.securitytracker.com/id/1040604
Vendor Advisory (x_refsource_confirm): https://support.apple.com/HT208698
Vendor Advisory (x_refsource_confirm): https://support.apple.com/HT208696
Vendor Advisory (x_refsource_confirm): https://support.apple.com/HT208693
Third Party Advisory, VDB Entry (vdb-entry, x_refsource_sectrack): http://www.securitytracker.com/id/1040608

Scores

CVSS v3: 7.8
EPSS: 0.0472
EPSS Percentile: 90.7%
Attack Vector: LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE: CWE-119
Status: published
Products (4):
apple/iphone_os < 11.3
apple/mac_os_x < 10.13.4
apple/tvos < 11.3
apple/watchos < 4.3
Published: Apr 03, 2018
Tracked Since: Feb 18, 2026