2 matches found
CVE-2018-4407
A memory corruption issue was addressed with improved validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5...
CVE-2018-4407
CVE-2018-4407 is grounded in a heap-based memory corruption in Apple XNU’s AWDL path. The bug arises in IO80211AWDLPeer::parseAwdlSyncTreeTLV: TLV type 0x14 (SyncTree TLV) can overflow the 60-byte sync_tree_macs buffer into the adjacent heap, due to the TLV length being capped at 1024 but copied ...