PT-2025-20797 · Apple+10 · Visionos+17

Juergen Schmied

·

Published

2025-05-12

·

Updated

2025-11-25

·

CVE-2025-31257

CVSS v2.0

5.0

Medium

VectorAV:N/AC:L/Au:N/C:N/I:N/A:P
Name of the Vulnerable Software and Affected Versions watchOS versions prior to 11.5 tvOS versions prior to 18.5 iOS versions prior to 18.5 iPadOS versions prior to 18.5 macOS Sequoia versions prior to 15.5 visionOS versions prior to 2.5 Safari versions prior to 18.5
Description The issue is related to processing maliciously crafted web content, which may lead to an unexpected Safari crash. It was addressed with improved memory handling.
Recommendations For watchOS versions prior to 11.5, update to watchOS 11.5. For tvOS versions prior to 18.5, update to tvOS 18.5. For iOS versions prior to 18.5, update to iOS 18.5. For iPadOS versions prior to 18.5, update to iPadOS 18.5. For macOS Sequoia versions prior to 15.5, update to macOS Sequoia 15.5. For visionOS versions prior to 2.5, update to visionOS 2.5. For Safari versions prior to 18.5, update to Safari 18.5.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

ALSA-2025:7995
ALSA-2025:8046
BDU:2025-11816
CESA-2025_8046
CVE-2025-31257
DLA-4218-1
DSA-5937-1
INFSA-2025_7995
INFSA-2025_8046
MGASA-2025-0313
OPENSUSE-SU-2025_01724-1
OPENSUSE-SU-2025_01746-1
RHSA-2025:10364
RHSA-2025:7995
RHSA-2025:8046
RHSA-2025:8530
RHSA-2025:8532
RHSA-2025:8533
RHSA-2025:8534
RHSA-2025:8541
RHSA-2025:8600
RHSA-2025_7995
RHSA-2025_8046
SUSE-SU-2025:01720-1
SUSE-SU-2025:01724-1
SUSE-SU-2025:01746-1
SUSE-SU-2025:02033-1
SUSE-SU-2025_01720-1
SUSE-SU-2025_01724-1
SUSE-SU-2025_01746-1
SUSE-SU-2025_02033-1
USN-7566-1

Affected Products

Almalinux
Astra Linux
Centos
Debian
Java Platform
Linuxmint
Apple Macos
Red Hat
Rocky Linux
Safari
Suse
Ubuntu
Ios
Ipados
Macos Sequoia
Tvos
Visionos
Watchos