CVE-2018-5383
Description
Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange, which may allow a remote attacker to obtain the encryption key used by the device.
Risk Information
Base Score
6.8
MODERATE
Vector
CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS Score
Exploitation Probability
0.578
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple vulnerabilities are fixed in macOS Mojave 10.14.6 | Mac |
| Multiple vulnerabilities are fixed in macOS Mojave 10.14.6 Combo Update | Mac |
| Multiple vulnerabilities are fixed in macOS Mojave 10.14.5 Combo Update | Mac |
| Multiple vulnerabilities are fixed in macOS Mojave 10.14.5 | Mac |
| Multiple vulnerabilities are fixed in macOS Mojave 10.14.4 | Mac |
| Multiple vulnerabilities are fixed in macOS Mojave 10.14.4 Combo Update | Mac |
| Multiple vulnerabilities are fixed in macOS Mojave 10.14.3 | Mac |
| Multiple vulnerabilities are fixed in macOS Mojave 10.14.3 Combo Update | Mac |
| Multiple vulnerabilities are fixed in macOS Mojave 10.14.2 | Mac |
| Multiple vulnerabilities are fixed in macOS Mojave 10.14.1 | Mac |
| Multiple vulnerabilities are fixed in macOS High Sierra 10.13.6 - Reboot Automatically | Mac |
| Multiple vulnerabilities are fixed in macOS High Sierra 10.13.6 Combo Update - Reboot Automatically | Mac |
| Multiple vulnerabilities are fixed in macOS High Sierra 10.13.5 - Reboot Automatically | Mac |
| SUSE-SU-2019:0466-1(SUSE Linux Enterprise Desktop 12-SP3 ) kernel-firmware-20170530-21.28.1.noarch.rpm | Linux |
| SUSE-SU-2019:0466-1(SUSE Linux Enterprise Desktop 12-SP3 ) ucode-amd-20170530-21.28.1.noarch.rpm | Linux |
| Linux kernel (USN-4094-1) linux-image-gcp_4.15.0.1040.42_amd64.deb | Linux |
| Linux kernel (USN-4094-1) linux-image-gcp_4.15.0.1040.54_amd64.deb | Linux |
| Linux kernel (USN-4094-1) linux-image-gke_4.15.0.1040.43_amd64.deb | Linux |
| Linux kernel (USN-4094-1) linux-image-gke_4.15.0.1040.54_amd64.deb | Linux |
| Linux kernel (USN-4094-1) linux-image-kvm_4.15.0.1042.42_amd64.deb | Linux |
| Linux kernel (USN-4094-1) linux-image-oem_4.15.0.58.79_amd64.deb | Linux |
| Linux kernel (USN-4094-1) linux-image-oem_4.15.0.1050.54_amd64.deb | Linux |
| Linux kernel (USN-4094-1) linux-image-azure_4.15.0.1055.58_amd64.deb | Linux |
| Linux kernel (USN-4094-1) linux-image-oracle_4.15.0.1021.15_amd64.deb | Linux |
| Linux kernel (USN-4094-1) linux-image-oracle_4.15.0.1021.24_amd64.deb | Linux |
| Linux kernel (USN-4094-1) linux-image-generic_4.15.0.58.60_i386.deb | Linux |
| Linux kernel (USN-4094-1) linux-image-generic_4.15.0.58.60_amd64.deb | Linux |
| Linux kernel (USN-4094-1) linux-image-virtual_4.15.0.58.60_i386.deb | Linux |
| Linux kernel (USN-4094-1) linux-image-virtual_4.15.0.58.60_amd64.deb | Linux |
| Linux kernel (USN-4094-1) linux-image-gke-4.15_4.15.0.1040.43_amd64.deb | Linux |
| Linux kernel (USN-4094-1) linux-image-lowlatency_4.15.0.58.60_i386.deb | Linux |
| Linux kernel (USN-4094-1) linux-image-lowlatency_4.15.0.58.60_amd64.deb | Linux |
| Linux kernel (USN-4094-1) linux-image-4.15.0-1040-gcp_4.15.0-1040.42_amd64.deb | Linux |
| Linux kernel (USN-4094-1) linux-image-4.15.0-1040-gcp_4.15.0-1040.42~16.04.1_amd64.deb | Linux |
| Linux kernel (USN-4094-1) linux-image-4.15.0-1040-gke_4.15.0-1040.42_amd64.deb | Linux |
| Linux kernel (USN-4094-1) linux-image-4.15.0-1042-kvm_4.15.0-1042.42_amd64.deb | Linux |
| Linux kernel (USN-4094-1) linux-image-4.15.0-1050-oem_4.15.0-1050.57_amd64.deb | Linux |
| Linux kernel (USN-4094-1) linux-image-4.15.0-1055-azure_4.15.0-1055.60_amd64.deb | Linux |
| Linux kernel (USN-4094-1) linux-image-4.15.0-58-generic_4.15.0-58.64_i386.deb | Linux |
| Linux kernel (USN-4094-1) linux-image-4.15.0-58-generic_4.15.0-58.64_amd64.deb | Linux |
| Linux kernel (USN-4094-1) linux-image-4.15.0-58-generic_4.15.0-58.64~16.04.1_i386.deb | Linux |
| Linux kernel (USN-4094-1) linux-image-4.15.0-58-generic_4.15.0-58.64~16.04.1_amd64.deb | Linux |
| Linux kernel (USN-4094-1) linux-image-generic-hwe-16.04_4.15.0.58.79_i386.deb | Linux |
| Linux kernel (USN-4094-1) linux-image-generic-hwe-16.04_4.15.0.58.79_amd64.deb | Linux |
| Linux kernel (USN-4094-1) linux-image-virtual-hwe-16.04_4.15.0.58.79_i386.deb | Linux |
| Linux kernel (USN-4094-1) linux-image-virtual-hwe-16.04_4.15.0.58.79_amd64.deb | Linux |
| Linux kernel (USN-4094-1) linux-image-4.15.0-1021-oracle_4.15.0-1021.23_amd64.deb | Linux |
| Linux kernel (USN-4094-1) linux-image-4.15.0-1021-oracle_4.15.0-1021.23~16.04.1_amd64.deb | Linux |
| Linux kernel (USN-4094-1) linux-image-4.15.0-58-lowlatency_4.15.0-58.64_i386.deb | Linux |
| Linux kernel (USN-4094-1) linux-image-4.15.0-58-lowlatency_4.15.0-58.64_amd64.deb | Linux |
| Linux kernel (USN-4094-1) linux-image-4.15.0-58-lowlatency_4.15.0-58.64~16.04.1_i386.deb | Linux |
| Linux kernel (USN-4094-1) linux-image-4.15.0-58-lowlatency_4.15.0-58.64~16.04.1_amd64.deb | Linux |
| Linux kernel (USN-4094-1) linux-image-lowlatency-hwe-16.04_4.15.0.58.79_i386.deb | Linux |
| Linux kernel (USN-4094-1) linux-image-lowlatency-hwe-16.04_4.15.0.58.79_amd64.deb | Linux |
| Linux kernel (USN-4095-1) linux-image-aws_4.4.0.1090.94_amd64.deb | Linux |
| Linux kernel (USN-4095-1) linux-image-kvm_4.4.0.1054.54_amd64.deb | Linux |
| Linux kernel (USN-4095-1) linux-image-generic_4.4.0.159.167_i386.deb | Linux |
| Linux kernel (USN-4095-1) linux-image-generic_4.4.0.159.167_amd64.deb | Linux |
| Linux kernel (USN-4095-1) linux-image-virtual_4.4.0.159.167_i386.deb | Linux |
| Linux kernel (USN-4095-1) linux-image-virtual_4.4.0.159.167_amd64.deb | Linux |
| Linux kernel (USN-4095-1) linux-image-lowlatency_4.4.0.159.167_i386.deb | Linux |
| Linux kernel (USN-4095-1) linux-image-lowlatency_4.4.0.159.167_amd64.deb | Linux |
| Linux kernel (USN-4095-1) linux-image-4.4.0-1054-kvm_4.4.0-1054.61_amd64.deb | Linux |
| Linux kernel (USN-4095-1) linux-image-4.4.0-1090-aws_4.4.0-1090.101_amd64.deb | Linux |
| Linux kernel (USN-4095-1) linux-image-4.4.0-159-generic_4.4.0-159.187_i386.deb | Linux |
| Linux kernel (USN-4095-1) linux-image-4.4.0-159-generic_4.4.0-159.187_amd64.deb | Linux |
| Linux kernel (USN-4095-1) linux-image-4.4.0-159-lowlatency_4.4.0-159.187_i386.deb | Linux |
| Linux kernel (USN-4095-1) linux-image-4.4.0-159-lowlatency_4.4.0-159.187_amd64.deb | Linux |
| Linux kernel for Amazon Web Services (AWS) systems (USN-4118-1) linux-image-aws_4.15.0.1047.46_amd64.deb | Linux |
| Linux kernel for Amazon Web Services (AWS) systems (USN-4118-1) linux-image-aws-hwe_4.15.0.1047.47_amd64.deb | Linux |
| Linux kernel for Amazon Web Services (AWS) systems (USN-4118-1) linux-image-4.15.0-1047-aws_4.15.0-1047.49_amd64.deb | Linux |
| Linux kernel for Amazon Web Services (AWS) systems (USN-4118-1) linux-image-4.15.0-1047-aws_4.15.0-1047.49~16.04.1_amd64.deb | Linux |
| (RHSA-2019:2169) linux-firmware security, bug fix, and enhancement update linux-firmware-20190429-72.gitddde598.el7.noarch.rpm | Linux |
| Firmware for Linux kernel drivers (USN-4351-1) linux-firmware_1.157.23_all.deb | Linux |
| Firmware for Linux kernel drivers (USN-4351-1) linux-firmware_1.173.18_all.deb | Linux |
| (CESA-2019:2169) linux-firmware security, bug fix, and enhancement update linux-firmware-20190429-72.gitddde598.el7.noarch.rpm | Linux |
| Firmware for Linux kernel drivers (USN-4351-1) linux-firmware_1.173.18_all.deb | Linux |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-602004 | macOS Mojave 10.14.6 |
| PATCH-602005 | macOS Mojave 10.14.6 Combo Update |
| PATCH-602005 | macOS Mojave 10.14.6 Combo Update |
| PATCH-602004 | macOS Mojave 10.14.6 |
| PATCH-602004 | macOS Mojave 10.14.6 |
| PATCH-602005 | macOS Mojave 10.14.6 Combo Update |
| PATCH-602004 | macOS Mojave 10.14.6 |
| PATCH-602005 | macOS Mojave 10.14.6 Combo Update |
| PATCH-602004 | macOS Mojave 10.14.6 |
| PATCH-602004 | macOS Mojave 10.14.6 |
| PATCH-601562 | macOS High Sierra 10.13.6 - Reboot Automatically |
| PATCH-601563 | macOS High Sierra 10.13.6 Combo Update - Reboot Automatically |
| PATCH-601563 | macOS High Sierra 10.13.6 Combo Update - Reboot Automatically |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234