Released March 29, 2018

Apple TV App

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An attacker in a privileged network position may be able to spoof password prompts in the Apple TV App

Description: An input validation issue was addressed through improved input validation.

CVE-2018-4177: Jerry Decime

Entry added April 13, 2018

Clock

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: A person with physical access to an iOS device may be able to see the email address used for iTunes

Description: An information disclosure issue existed in the handling of alarms and timers. This issue was addressed with improved access restrictions.

CVE-2018-4123: Zaheen Hafzar M M (@zaheenhafzer)

Entry updated November 16, 2018

CoreFoundation

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An application may be able to gain elevated privileges

Description: A race condition was addressed with additional validation.

CVE-2018-4155: Samuel Groß (@5aelo)

CVE-2018-4158: Samuel Groß (@5aelo)

CoreText

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: Processing a maliciously crafted string may lead to a denial of service

Description: A denial of service issue was addressed with improved memory handling.

CVE-2018-4142: Robin Leroy of Google Switzerland GmbH

Entry updated November 16, 2018

LinkPresentation

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: Visiting a malicious website may lead to address bar spoofing

Description: An inconsistent user interface issue was addressed with improved state management.

CVE-2018-4390: Rayyan Bijoora (@Bijoora) of The City School, PAF Chapter

CVE-2018-4391: Rayyan Bijoora (@Bijoora) of The City School, PAF Chapter

Entry added October 30, 2018, updated November 16, 2018

File System Events

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An application may be able to gain elevated privileges

Description: A race condition was addressed with additional validation.

CVE-2018-4167: Samuel Groß (@5aelo)

Files Widget

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: File Widget may display contents on a locked device

Description: The File Widget was displaying cached data when in the locked state. This issue was addressed with improved state management.

CVE-2018-4168: Brandon Moore

Find My iPhone

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: A person with physical access to the device may be able to disable Find My iPhone without entering an iCloud password

Description: A state management issue existed when restoring from a back up. This issue was addressed through improved state checking during restore.

CVE-2018-4172: Viljami Vastamäki

iCloud Drive

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An application may be able to gain elevated privileges

Description: A race condition was addressed with additional validation.

CVE-2018-4151: Samuel Groß (@5aelo)

Kernel

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: A malicious application may be able to execute arbitrary code with kernel privileges

Description: Multiple memory corruption issues were addressed with improved memory handling.

CVE-2018-4150: an anonymous researcher

Kernel

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An application may be able to read restricted memory

Description: A validation issue was addressed with improved input sanitization.

CVE-2018-4104: The UK's National Cyber Security Centre (NCSC)

Kernel

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2018-4143: derrek (@derrekr6)

Kernel

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: A malicious application may be able to determine kernel memory layout

Description: An information disclosure issue existed in the transition of program state. This issue was addressed with improved state handling.

CVE-2018-4185: Brandon Azad

Entry added July 19, 2018

libxml2

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash

Description: A use after free issue was addressed with improved memory management.

CVE-2017-15412: Nick Wellnhofer

Entry added October 18, 2018

LinkPresentation

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: Visiting a malicious website may lead to address bar spoofing

Description: An inconsistent user interface issue was addressed with improved state management.

CVE-2018-4390: Rayyan Bijoora (@Bijoora) of The City School, PAF Chapter

CVE-2018-4391: Rayyan Bijoora (@Bijoora) of The City School, PAF Chapter

Entry added October 30, 2018

LinkPresentation

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: Processing a maliciously crafted text message may lead to UI spoofing

Description: A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.

CVE-2018-4187: Roman Mueller (@faker_), Zhiyang Zeng (@Wester) of Tencent Security Platform Department

Entry added September 17, 2019

Mail

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An attacker in a privileged network position may be able to intercept the contents of S/MIME-encrypted e-mail

Description: An inconsistent user interface issue was addressed with improved state management.

CVE-2018-4174: John McCombs of Integrated Mapping Ltd, McClain Looney of LoonSoft Inc.

Entry updated April 13, 2018

NSURLSession

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An application may be able to gain elevated privileges

Description: A race condition was addressed with additional validation.

CVE-2018-4166: Samuel Groß (@5aelo)

PluginKit

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An application may be able to gain elevated privileges

Description: A race condition was addressed with additional validation.

CVE-2018-4156: Samuel Groß (@5aelo)

Quick Look

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An application may be able to gain elevated privileges

Description: A race condition was addressed with additional validation.

CVE-2018-4157: Samuel Groß (@5aelo)

Safari

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: Visiting a malicious website by clicking a link may lead to user interface spoofing

Description: An inconsistent user interface issue was addressed with improved state management.

CVE-2018-4134: xisigr of Tencent's Xuanwu Lab (tencent.com), Zhiyang Zeng (@Wester) of Tencent Security Platform Department

Safari Login AutoFill

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: A malicious website may be able to exfiltrate autofilled data in Safari without explicit user interaction.

Description: Safari autofill did not require explicit user interaction before taking place. The issue was addressed with improved autofill heuristics.

CVE-2018-4137

Entry updated November 16, 2018

SafariViewController

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: Visiting a malicious website may lead to user interface spoofing

Description: A state management issue was addressed by disabling text input until the destination page loads.

CVE-2018-4149: Abhinash Jain (@abhinashjain)

Security

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: A malicious application may be able to elevate privileges

Description: A buffer overflow was addressed with improved size validation.

CVE-2018-4144: Abraham Masri (@cheesecakeufo)

Status Bar

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: A malicious application may be able to access the microphone without indication to the user

Description: A consistency issue existed in deciding when to show the microphone use indicator. The issue was resolved with improved capability validation.

CVE-2018-4173: Joshua Pokotilow of pingmd

Entry added April 9, 2018

Storage

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An application may be able to gain elevated privileges

Description: A race condition was addressed with additional validation.

CVE-2018-4154: Samuel Groß (@5aelo)

System Preferences

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: A configuration profile may incorrectly remain in effect after removal

Description: An issue existed in CFPreferences. This issue was addressed with improved preferences cleanup.

CVE-2018-4115: Johann Thalakada, Vladimir Zubkov, and Matt Vlasach of Wandera

Entry updated November 16, 2018

Telephony

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: A remote attacker can cause a device to unexpectedly restart

Description: A null pointer dereference issue existed when handling Class 0 SMS messages. This issue was addressed with improved message validation.

CVE-2018-4140: @mjonsson, Arjan van der Oest of Voiceworks BV

Entry updated November 16, 2018

Telephony

Available for: iPhone 5s and later, and Wi-Fi + Cellular models of iPad Air and later

Impact: A remote attacker may be able to execute arbitrary code

Description: Multiple buffer overflows were addressed with improved input validation.

CVE-2018-4148: Nico Golde of Comsecuris UG

Entry added March 30, 2018

Web App

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: Cookies may unexpectedly persist in web app

Description: A cookie management issue was addressed with improved state management.

CVE-2018-4110: Ben Compton and Jason Colley of Cerner Corporation

Entry updated November 16, 2018

WebKit

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: Multiple memory corruption issues were addressed with improved memory handling.

CVE-2018-4101: Yuan Deng of Ant-financial Light-Year Security Lab

CVE-2018-4114: found by OSS-Fuzz

CVE-2018-4118: Jun Kokatsu (@shhnjk)

CVE-2018-4119: an anonymous researcher working with Trend Micro's Zero Day Initiative

CVE-2018-4120: Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team

CVE-2018-4121: Natalie Silvanovich of Google Project Zero

CVE-2018-4122: WanderingGlitch of Trend Micro’s Zero Day Initiative

CVE-2018-4125: WanderingGlitch of Trend Micro's Zero Day Initiative

CVE-2018-4127: an anonymous researcher working with Trend Micro's Zero Day Initiative

CVE-2018-4128: Zach Markley

CVE-2018-4129: likemeng of Baidu Security Lab working with Trend Micro's Zero Day Initiative

CVE-2018-4130: Omair working with Trend Micro's Zero Day Initiative

CVE-2018-4161: WanderingGlitch of Trend Micro's Zero Day Initiative

CVE-2018-4162: WanderingGlitch of Trend Micro's Zero Day Initiative

CVE-2018-4163: WanderingGlitch of Trend Micro's Zero Day Initiative

CVE-2018-4165: Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team

WebKit

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: Unexpected interaction with indexing types causing an ASSERT failure

Description: An array indexing issue existed in the handling of a function in javascript core. This issue was addressed through improved checks

CVE-2018-4113: found by OSS-Fuzz

WebKit

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: Processing maliciously crafted web content may lead to a denial of service

Description: A memory corruption issue was addressed through improved input validation

CVE-2018-4146: found by OSS-Fuzz

WebKit

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: A malicious website may exfiltrate data cross-origin

Description: A cross-origin issue existed with the fetch API. This was addressed through improved input validation.

CVE-2018-4117: an anonymous researcher, an anonymous researcher

WebKit

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: Unexpected interaction causes an ASSERT failure

Description: This issue was addressed with improved checks.

CVE-2018-4207: found by OSS-Fuzz

Entry added May 2, 2018

WebKit

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: Unexpected interaction causes an ASSERT failure

Description: This issue was addressed with improved checks.

CVE-2018-4208: found by OSS-Fuzz

Entry added May 2, 2018

WebKit

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: Unexpected interaction causes an ASSERT failure

Description: This issue was addressed with improved checks.

CVE-2018-4209: found by OSS-Fuzz

Entry added May 2, 2018

WebKit

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: Unexpected interaction with indexing types caused a failure

Description: An array indexing issue existed in the handling of a function in javascript core. This issue was addressed with improved checks.

CVE-2018-4210: found by OSS-Fuzz

Entry added May 2, 2018

WebKit

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: Unexpected interaction causes an ASSERT failure

Description: This issue was addressed with improved checks.

CVE-2018-4212: found by OSS-Fuzz

Entry added May 2, 2018

WebKit

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: Unexpected interaction causes an ASSERT failure

Description: This issue was addressed with improved checks.

CVE-2018-4213: found by OSS-Fuzz

Entry added May 2, 2018

WebKit

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: Processing maliciously crafted web content may lead to code execution

Description: Multiple memory corruption issues were addressed with improved memory handling.

CVE-2018-4145: found by OSS-Fuzz

Entry added October 18, 2018

WindowServer

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An unprivileged application may be able to log keystrokes entered into other applications even when secure input mode is enabled

Description: By scanning key states, an unprivileged application could log keystrokes entered into other applications even when secure input mode was enabled. This issue was addressed by improved state management.

CVE-2018-4131: Andreas Hegenberg of folivora.AI GmbH