There is a heap corruption vulnerability in VCPDecompressionDecodeFrame which is called by FaceTime. This bug can be reached if a user accepts a call from a malicious peer.
1bd312f7b4a101fec53ac225a7f3d6e0201421a8aa365cfae0b3c2da6c90a236
Apple Security Advisory 2018-10-30-1 - iOS 12.1 is now available and addresses code execution, cross site scripting, denial of service, and resource exhaustion vulnerabilities.
93a362567b72263d53b58c256f7884c72cb4ddbf8dc6666545a0ea17c505edc5