-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2018-3-29-5 macOS High Sierra 10.13.4, Security Update
2018-002 Sierra, and Security Update 2018-002 El Capitan

Admin Framework
Available for: macOS High Sierra 10.13.3
Impact: Passwords supplied to sysadminctl may be exposed to other
local users
Description: The sysadminctl command-line tool required that
passwords be passed to it in its arguments, potentially exposing the
passwords to other local users. This update makes the password
parameter optional, and sysadminctl will prompt for the password if
needed.
CVE-2018-4170: an anonymous researcher

APFS
Available for: macOS High Sierra 10.13.3
Impact: An APFS volume password may be unexpectedly truncated
Description: An injection issue was addressed through improved input
validation.
CVE-2018-4105: David J Beitey (@davidjb_), Geoffrey Bugniot

ATS
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS
High Sierra 10.13.3
Impact: Processing a maliciously crafted file might disclose user
information
Description: A validation issue existed in the handling of symlinks.
This issue was addressed through improved validation of symlinks.
CVE-2018-4112: Haik Aftandilian of Mozilla

CFNetwork Session
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4166: Samuel GroA (@5aelo)

CoreFoundation
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS
High Sierra 10.13.3
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4155: Samuel GroA (@5aelo)
CVE-2018-4158: Samuel GroA (@5aelo)

CoreText
Available for: macOS High Sierra 10.13.3
Impact: Processing a maliciously crafted string may lead to a denial
of service
Description: A denial of service issue was addressed through improved
memory handling.
CVE-2018-4142: Robin Leroy of Google Switzerland GmbH

CoreTypes
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6
Impact: Processing a maliciously crafted webpage may result in the
mounting of a disk image
Description: A logic issue was addressed with improved restrictions.
CVE-2017-13890: Apple, Theodor Ragnar Gislason of Syndis

curl
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6
Impact: Multiple issues in curl
Description: An integer overflow existed in curl. This issue was
addressed through improved bounds checking.
CVE-2017-8816: an anonymous researcher

Disk Images
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS
High Sierra 10.13.3
Impact: Mounting a malicious disk image may result in the launching
of an application
Description: A logic issue was addressed with improved validation.
CVE-2018-4176: Theodor Ragnar Gislason of Syndis

Disk Management
Available for: macOS High Sierra 10.13.3
Impact: An APFS volume password may be unexpectedly truncated
Description: An injection issue was addressed through improved input
validation.
CVE-2018-4108: Kamatham Chaitanya of ShiftLeft Inc., an anonymous
researcher

File System Events
Available for: macOS High Sierra 10.13.3
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4167: Samuel GroA (@5aelo)

iCloud Drive
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS
High Sierra 10.13.3
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4151: Samuel GroA (@5aelo)

Intel Graphics Driver
Available for: macOS High Sierra 10.13.3
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4132: Axis and pjf of IceSword Lab of Qihoo 360

IOFireWireFamily
Available for: macOS High Sierra 10.13.3
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4135: Xiaolong Bai and Min (Spark) Zheng of Alibaba Inc.

Kernel
Available for: macOS High Sierra 10.13.3
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2018-4150: an anonymous researcher

Kernel
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS
High Sierra 10.13.3
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2018-4104: The UK's National Cyber Security Centre (NCSC)

Kernel
Available for: macOS High Sierra 10.13.3
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4143: derrek (@derrekr6)

Kernel
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS
High Sierra 10.13.3
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: An out-of-bounds read was addressed through improved
bounds checking.
CVE-2018-4136: Jonas Jensen of lgtm.com and Semmle

Kernel
Available for: macOS High Sierra 10.13.3
Impact: An application may be able to execute arbitrary code with
system privileges
Description: An out-of-bounds read was addressed through improved
bounds checking.
CVE-2018-4160: Jonas Jensen of lgtm.com and Semmle

kext tools
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS
High Sierra 10.13.3
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A logic issue existed resulting in memory corruption.
This was addressed with improved state management.
CVE-2018-4139: Ian Beer of Google Project Zero

LaunchServices
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS
High Sierra 10.13.3
Impact: A maliciously crafted application may be able to bypass code
signing enforcement
Description: A logic issue was addressed with improved validation.
CVE-2018-4175: Theodor Ragnar Gislason of Syndis

Mail
Available for: macOS High Sierra 10.13.3
Impact: An attacker in a privileged network position may be able to
exfiltrate the contents of S/MIME-encrypted e-mail
Description: An issue existed in the handling of S/MIME HTML e-mail.
This issue was addressed by not loading remote resources on S/MIME
encrypted messages by default if the message has an invalid or
missing S/MIME signature.
CVE-2018-4111: an anonymous researcher

Mail
Available for: macOS High Sierra 10.13.3
Impact: An attacker in a privileged network position may be able to
intercept the contents of S/MIME-encrypted e-mail
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2018-4174: an anonymous researcher, an anonymous researcher

Notes
Available for: macOS High Sierra 10.13.3
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4152: Samuel GroA (@5aelo)

NSURLSession
Available for: macOS High Sierra 10.13.3
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4166: Samuel GroA (@5aelo)

NVIDIA Graphics Drivers
Available for: macOS High Sierra 10.13.3
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2018-4138: Axis and pjf of IceSword Lab of Qihoo 360

PDFKit
Available for: macOS High Sierra 10.13.3
Impact: Clicking a URL in a PDF may visit a malicious website
Description: An issue existed in the parsing of URLs in PDFs. This
issue was addressed through improved input validation.
CVE-2018-4107: an anonymous researcher

PluginKit
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS
High Sierra 10.13.3
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4156: Samuel GroA (@5aelo)

Quick Look
Available for: macOS High Sierra 10.13.3
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4157: Samuel GroA (@5aelo)

Security
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS
High Sierra 10.13.3
Impact: A malicious application may be able to elevate privileges
Description: A buffer overflow was addressed with improved size
validation.
CVE-2018-4144: Abraham Masri (@cheesecakeufo)

Storage
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS
High Sierra 10.13.3
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4154: Samuel GroA (@5aelo)

System Preferences
Available for: macOS High Sierra 10.13.3
Impact: A configuration profile may incorrectly remain in effect
after removal
Description: An issue existed in CFPreferences. This issue was
addressed through improved preferences cleanup.
CVE-2018-4115: Johann Thalakada, Vladimir Zubkov, and Matt Vlasach of
Wandera

Terminal
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS
High Sierra 10.13.3
Impact: Pasting malicious content may lead to arbitrary command
execution spoofing
Description: A command injection issue existed in the handling of
Bracketed Paste Mode. This issue was addressed through improved
validation of special characters.
CVE-2018-4106: Simon Hosie

WindowServer
Available for: macOS High Sierra 10.13.3
Impact: An unprivileged application may be able to log keystrokes
entered into other applications even when secure input mode is
enabled
Description: By scanning key states, an unprivileged application
could log keystrokes entered into other applications even when secure
input mode was enabled. This issue was addressed by improved state
management.
CVE-2018-4131: Andreas Hegenberg of folivora.AI GmbH

Installation note:

macOS High Sierra 10.13.4, Security Update 2018-002 Sierra, and
Security Update 2018-002 El Capitan may be obtained from the
Mac App Store or Apple's Software Downloads web site:
https://support.apple.com/downloads/

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----

iQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAlq9Gl4pHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEbLsBAA
ulM5yGdq+lKTJ1XYrVVdH9k5QStzg551Ss0sHS84bC6p5AzSh+mFHITJDKyF3H+M
To0SoSwzdHrEmXNZ2LPAz9C0h9FSFh4AAhz3Fng4Qbd4L+Q+MypPnrpVZIMO9Iy8
srwJzbpa3LQ9Nq6NGmTD68wTyN2hjdcIc/ifsBev71HGx695Axr9tEV4PBzXyhZE
aZpUBc1e7PvDzLh4VjVRRfk591zRjzEGWuZH/1kbwmFuIBqb3BCaL6MQ4sFZUPw9
L26Q/RrFDA9KMb2P0K1EA2kTEoqAu51d31SgSGe8AskUdPaVE33juxXGde3LT+5F
OdfZ4iDc7MB808CU7aauzsed0DgYUPnenphj/+iIsZm//8fUt2YKCHT48uS8mjBp
W2rClecQ3J+nz3hmvoR5/tvJ2QsiZtir2CsGbZ7nLhxaNu098yJ22fQPpJeHy0pr
CIgp5qsNs0Qej7VOkjFWWPBvKwDYhnTInR8tHSHtxyUiG+voLGnMXKv94kPqMhUZ
Byhosi55N9wGEmAhHmjFr71E8H4gU1ZbKQo0UYulnXd22vzBWrPX5BQW9F0xLSMT
6mbkCh3gSWyVvhcCbQ/v3ajWoaC4ZyyUllLgpSZgr5bFt9YJGAVLngRX47oI27uS
8tPmXxjKq86HBH8Otmicu/yb9qf5d3lb/TwMawbH/iU=
=Xshl
-----END PGP SIGNATURE-----