Out-of-Bounds Read Vulnerability in Multiple Apple Products
CVE-2025-24182

Currently unrated

Key Information:

Vendor
Apple
Status
TV OS
iOS And iPad OS
Mac OS
Visionos
Vendor
CVE Published:
31 March 2025

Summary

An out-of-bounds read vulnerability was identified in various Apple operating systems, allowing the potential disclosure of process memory when processing a specially crafted font. This issue has been mitigated through enhanced input validation measures in the latest versions of visionOS, iOS, iPadOS, tvOS, and macOS. Users are advised to update their devices to protect against possible exploitation.

Affected Version(s)

iOS and iPadOS < 18.4

macOS < 15.4

tvOS < 18.4

References

https://support.apple.com/en-us/122377
https://support.apple.com/en-us/122371
https://support.apple.com/en-us/122373

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.