CVE-2018-4241

HIGH

Apple TV < 11.4 - Memory Corruption

Title source: rule

Description

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Kernel" component. A buffer overflow in mptcp_usr_connectx allows attackers to execute arbitrary code in a privileged context via a crafted app.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Google Security Research · textdosmultiple

https://www.exploit-db.com/exploits/44849

View Code ZIP pw:eip

nomisec WORKING POC 4 stars

by 0neday · poc

https://github.com/0neday/multi_path

View Code ZIP pw:eip

References (7)

Core 7

Core References

Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/44849/

Vendor Advisory x_refsource_confirm

https://support.apple.com/HT208850

Exploit, Issue Tracking, Third Party Advisory x_refsource_misc

https://bugs.chromium.org/p/project-zero/issues/detail?id=1558

Vendor Advisory x_refsource_confirm

https://support.apple.com/HT208851

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1041027

Vendor Advisory x_refsource_confirm

https://support.apple.com/HT208848

Vendor Advisory x_refsource_confirm

https://support.apple.com/HT208849

Scores

CVSS v3 7.8

EPSS 0.2154

EPSS Percentile 95.7%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-119

Status published

Products (4)

apple/apple_tv < 11.4

apple/iphone_os < 11.4

apple/mac_os_x < 10.13.5

apple/watchos < 4.3.1

Published Jun 08, 2018

Tracked Since Feb 18, 2026