Released September 17, 2018

Accounts

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: A local app may be able to read a persistent account identifier

Description: This issue was addressed with improved entitlements.

CVE-2018-4322: Min (Spark) Zheng, Xiaolong Bai of Alibaba Inc.

Auto Unlock

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: A malicious application may be able to access local users AppleIDs

Description: A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement.

CVE-2018-4321: Min (Spark) Zheng, Xiaolong Bai of Alibaba Inc.

Entry added September 24, 2018

Bluetooth

Available for: iPhone SE, iPhone 6s, iPhone 6s Plus, iPhone 7, iPhone 7 Plus, iPad Mini 4, 12.9-inch iPad Pro 1st generation, 12.9-inch iPad Pro 2nd generation, 10.5-inch iPad Pro, 9.7-inch iPad Pro, iPad 5th generation, and iPod Touch 6th generation

Impact: An attacker in a privileged network position may be able to intercept Bluetooth traffic

Description: An input validation issue existed in Bluetooth. This issue was addressed with improved input validation.

CVE-2018-5383: Lior Neumann and Eli Biham

CFNetwork

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An application may be able to execute arbitrary code with system privileges

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2018-4126: Bruno Keith (@bkth_) working with Trend Micro's Zero Day Initiative

Entry added October 30, 2018

CoreFoundation

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: A malicious application may be able to elevate privileges

Description: A memory corruption issue was addressed with improved input validation.

CVE-2018-4412: The UK's National Cyber Security Centre (NCSC)

Entry added October 30, 2018

CoreFoundation

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An application may be able to gain elevated privileges

Description: A memory corruption issue was addressed with improved input validation.

CVE-2018-4414: The UK's National Cyber Security Centre (NCSC)

Entry added October 30, 2018

CoreMedia

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An app may be able to learn information about the current camera view before being granted camera access

Description: A permissions issue existed. This issue was addressed with improved permission validation.

CVE-2018-4356: an anonymous researcher

CoreText

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: Processing a maliciously crafted text file may lead to arbitrary code execution

Description: A use after free issue was addressed with improved memory management.

CVE-2018-4347: Vasyl Tkachuk of Readdle

Entry added October 30, 2018, updated December 13, 2018

Crash Reporter

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An application may be able to read restricted memory

Description: A validation issue was addressed with improved input sanitization.

CVE-2018-4333: Brandon Azad

Entry added September 24, 2018

dyld

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: A malicious application may be able to modify protected parts of the file system

Description: A configuration issue was addressed with additional restrictions.

CVE-2018-4433: Vitaly Cheptsov

Entry updated January 22, 2019

Grand Central Dispatch

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An application may be able to execute arbitrary code with system privileges

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2018-4426: Brandon Azad

Entry added October 30, 2018

Heimdal

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An application may be able to execute arbitrary code with system privileges

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2018-4331: Brandon Azad

CVE-2018-4332: Brandon Azad

CVE-2018-4343: Brandon Azad

Entry added October 30, 2018

iBooks

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: Parsing a maliciously crafted iBooks file may lead to disclosure of user information

Description: A configuration issue was addressed with additional restrictions.

CVE-2018-4355: evi1m0 of bilibili security team

Entry added October 30, 2018

IOHIDFamily

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: A malicious application may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed with improved input validation.

CVE-2018-4408: Ian Beer of Google Project Zero

Entry added October 30, 2018, updated September 17, 2019

IOKit

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: A malicious application may be able to break out of its sandbox

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2018-4341: Ian Beer of Google Project Zero

CVE-2018-4354: Ian Beer of Google Project Zero

Entry added October 30, 2018

IOKit

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed with improved state management.

CVE-2018-4383: Apple

Entry added October 30, 2018

IOMobileFrameBuffer

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An application may be able to read restricted memory

Description: A validation issue was addressed with improved input sanitization.

CVE-2018-4335: Brandon Azad

IOUserEthernet

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2018-4401: Apple

Entry added October 30, 2018

iTunes Store

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An attacker in a privileged network position may be able to spoof password prompts in the iTunes Store

Description: An input validation issue was addressed with improved input validation.

CVE-2018-4305: Jerry Decime

Kernel

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An application may be able to read restricted memory

Description: An input validation issue existed in the kernel. This issue was addressed with improved input validation.

CVE-2018-4363: Ian Beer of Google Project Zero

Kernel

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2018-4336: Brandon Azad

CVE-2018-4337: Ian Beer of Google Project Zero

CVE-2018-4340: Mohamed Ghannam (@_simo36)

CVE-2018-4344: The UK's National Cyber Security Centre (NCSC)

CVE-2018-4425: cc working with Trend Micro's Zero Day Initiative, Juwei Lin (@panicaII) of Trend Micro working with Trend Micro's Zero Day Initiative

Entry added September 24, 2018, updated October 30, 2018

Kernel

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: A malicious application may be able to leak sensitive user information

Description: An access issue existed with privileged API calls. This issue was addressed with additional restrictions.

CVE-2018-4399: Fabiano Anemone (@anoane)

Entry added October 30, 2018

Kernel

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An attacker in a privileged network position may be able to execute arbitrary code

Description: A memory corruption issue was addressed with improved validation.

CVE-2018-4407: Kevin Backhouse of Semmle Ltd.

Entry added October 30, 2018

mDNSOffloadUserClient

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2018-4326: an anonymous researcher working with Trend Micro's Zero Day Initiative, Zhuo Liang of Qihoo 360 Nirvan Team

Entry added October 30, 2018

MediaRemote

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: A sandboxed process may be able to circumvent sandbox restrictions

Description: An access issue was addressed with additional sandbox restrictions.

CVE-2018-4310: CodeColorist of Ant-Financial LightYear Labs

Entry added October 30, 2018

Messages

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: A local user may be able to discover a user’s deleted messages

Description: A consistency issue existed in the handling of application snapshots. The issue was addressed with improved handling of message deletions.

CVE-2018-4313: 11 anonymous researchers, David Scott, Enes Mert Ulu of Abdullah Mürşide Özünenek Anadolu Lisesi - Ankara/Türkiye, Mehmet Ferit Daştan of Van Yüzüncü Yıl University, Metin Altug Karakaya of Kaliptus Medical Organization, Vinodh Swami of Western Governor's University (WGU)

Notes

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: A local user may be able to discover a user’s deleted notes

Description: A consistency issue existed in the handling of application snapshots. The issue was addressed with improved handling of notes deletions.

CVE-2018-4352: Utku Altinkaynak

Entry updated October 30, 2018

Safari

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: A local user may be able to discover websites a user has visited

Description: A consistency issue existed in the handling of application snapshots. The issue was addressed with improved handling of application snapshots.

CVE-2018-4313: 11 anonymous researchers, David Scott, Enes Mert Ulu of Abdullah Mürşide Özünenek Anadolu Lisesi - Ankara/Türkiye, Mehmet Ferit Daştan of Van Yüzüncü Yıl University, Metin Altug Karakaya of Kaliptus Medical Organization, Vinodh Swami of Western Governor's University (WGU)

Safari

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: A user may be unable to delete browsing history items

Description: Clearing a history item may not clear visits with redirect chains. The issue was addressed with improved data deletion.

CVE-2018-4329: Hugo S. Diaz (coldpointblue)

Safari

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: A malicious website may be able to exfiltrate autofilled data in Safari

Description: A logic issue was addressed with improved state management.

CVE-2018-4307: Rafay Baloch of Pakistan Telecommunications Authority

SafariViewController

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: Visiting a malicious website may lead to address bar spoofing

Description: An inconsistent user interface issue was addressed with improved state management.

CVE-2018-4362: Jun Kokatsu (@shhnjk)

Security

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: A local user may be able to cause a denial of service

Description: This issue was addressed with improved checks.

CVE-2018-4395: Patrick Wardle of Digita Security

Entry added October 30, 2018

Security

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An attacker may be able to exploit weaknesses in the RC4 cryptographic algorithm

Description: This issue was addressed by removing RC4.

CVE-2016-1777: Pepi Zawodsky

Status Bar

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: A person with physical access to an iOS device may be able to determine the last used app from the lock screen

Description: A logic issue was addressed with improved restrictions.

CVE-2018-4325: Brian Adeloye

Symptom Framework

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An application may be able to read restricted memory

Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2018-4203: Bruno Keith (@bkth_) working with Trend Micro's Zero Day Initiative

Entry added October 30, 2018

Text

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: Processing a maliciously crafted text file may lead to a denial of service

Description: A denial of service issue was addressed with improved validation.

CVE-2018-4304: jianan.huang (@Sevck)

Entry added October 30, 2018

WebKit

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: A malicious website may be able to execute scripts in the context of another website

Description: A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation.

CVE-2018-4309: an anonymous researcher working with Trend Micro's Zero Day Initiative

Entry added September 24, 2018

WebKit

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: Unexpected interaction causes an ASSERT failure

Description: A memory consumption issue was addressed with improved memory handling.

CVE-2018-4361: found by OSS-Fuzz

CVE-2018-4474: found by OSS-Fuzz

Entry added September 24, 2018, updated January 22, 2019

WebKit

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: Cross-origin SecurityErrors includes the accessed frame’s origin

Description: The issue was addressed by removing origin information.

CVE-2018-4311: Erling Alf Ellingsen (@steike)

Entry added September 24, 2018

WebKit

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: Multiple memory corruption issues were addressed with improved memory handling.

CVE-2018-4299: Samuel Groβ (saelo) working with Trend Micro's Zero Day Initiative

CVE-2018-4323: Ivan Fratric of Google Project Zero

CVE-2018-4328: Ivan Fratric of Google Project Zero

CVE-2018-4358: @phoenhex team (@bkth_ @5aelo @_niklasb) working with Trend Micro's Zero Day Initiative

CVE-2018-4359: Samuel Groß (@5aelo)

CVE-2018-4360: William Bowling (@wcbowling)

Entry added September 24, 2018, updated October 30, 2018

WebKit

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: A malicious website may cause unexepected cross-origin behavior

Description: A cross-origin issue existed with iframe elements. This was addressed with improved tracking of security origins.

CVE-2018-4319: John Pettitt of Google

Entry added September 24, 2018

WebKit

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: A memory corruption issue was addressed with improved state management.

CVE-2018-4316: crixer, Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team

Entry added September 24, 2018

WebKit

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: Unexpected interaction causes an ASSERT failure

Description: A memory corruption issue was addressed with improved validation.

CVE-2018-4191: found by OSS-Fuzz

Entry added September 24, 2018

WebKit

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: A malicious website may exfiltrate image data cross-origin

Description: A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation.

CVE-2018-4345: Jun Kokatsu (@shhnjk)

Entry added September 24, 2018, updated December 13, 2018

WebKit

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: A use after free issue was addressed with improved memory management.

CVE-2018-4315: Ivan Fratric of Google Project Zero

CVE-2018-4197: Ivan Fratric of Google Project Zero

CVE-2018-4312: Ivan Fratric of Google Project Zero

CVE-2018-4306: Ivan Fratric of Google Project Zero

CVE-2018-4318: Ivan Fratric of Google Project Zero

CVE-2018-4317: Ivan Fratric of Google Project Zero

CVE-2018-4314: Ivan Fratric of Google Project Zero

Entry added September 24, 2018