CVE-2018-4308
Description
An out-of-bounds read was addressed with improved bounds checking. This issue affected versions prior to macOS Mojave 10.14.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
CVE-2018-4308 is an out-of-bounds read in macOS Bluetooth stack that could allow a remote attacker to leak memory, addressed in macOS Mojave 10.14.
Vulnerability
An out-of-bounds read vulnerability exists in the Bluetooth stack of macOS. The issue is present in versions prior to macOS Mojave 10.14. An input validation issue was addressed with improved bounds checking [1][2].
Exploitation
A remote attacker in close proximity can exploit this vulnerability by sending a specially crafted Bluetooth packet. The attacker does not require authentication or user interaction. The out-of-bounds read occurs when processing the malicious packet [1][2].
Impact
Successful exploitation could lead to disclosure of sensitive information from kernel memory. This is a confidentiality impact, potentially leaking data to the attacker [1][2].
Mitigation
The vulnerability was fixed in macOS Mojave 10.14, released on September 24, 2018, and also addressed in later security updates for older macOS versions. No workarounds are documented [1][2].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: <10.14
- Range: Versions prior to: macOS Mojave 10.14
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- support.apple.com/kb/HT209139mitrex_refsource_MISC
- support.apple.com/kb/HT209193mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.