CVE-2025-24118

Name of the Vulnerable Software and Affected Versions macOS versions prior to 14.7.3 iPadOS versions prior to 17.7.4 macOS Sequoia versions prior to 15.3

Description The issue is a race condition within the kauth cred proc update() function of the macOS and iPadOS kernel. This race condition, stemming from improper synchronization when sharing a resource, can lead to out-of-bounds writes in memory. Successful exploitation may allow a remote attacker to cause a denial of service or potentially gain unauthorized access. The issue was addressed through improved memory handling. Reports indicate the potential for applications to cause unexpected system termination or write to kernel memory.

Recommendations Update macOS to version 14.7.3 or later. Update iPadOS to version 17.7.4 or later. Update macOS Sequoia to version 15.3 or later.