PT-2025-5323 · Apple+9 · Visionos+16

P1Umer

+1

·

Published

2023-07-18

·

Updated

2025-11-25

·

CVE-2025-24158

CVSS v2.0

7.8

High

VectorAV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions visionOS versions prior to 2.3 Safari versions prior to 18.3 iOS versions prior to 18.3 iPadOS versions prior to 18.3 macOS Sequoia versions prior to 15.3 watchOS versions prior to 11.3 tvOS versions prior to 18.3
Description The issue is related to improved memory handling and may lead to a denial-of-service when processing web content. It is associated with unlimited resource allocation, which can be exploited by a remote attacker to cause a denial-of-service.
Recommendations For visionOS versions prior to 2.3, update to visionOS 2.3. For Safari versions prior to 18.3, update to Safari 18.3. For iOS versions prior to 18.3, update to iOS 18.3. For iPadOS versions prior to 18.3, update to iPadOS 18.3. For macOS Sequoia versions prior to 15.3, update to macOS Sequoia 15.3. For watchOS versions prior to 11.3, update to watchOS 11.3. For tvOS versions prior to 18.3, update to tvOS 18.3.

Exploit

Fix

DoS

XSS

Allocation of Resources Without Limits

Weakness Enumeration

CWE-79CWE-770

Related Identifiers

ALSA-2025:2034
ALSA-2025:2035
BDU:2025-01365
CESA-2025_2034
CVE-2025-24158
DLA-4051-1
DSA-5865-1
INFSA-2025_2034
INFSA-2025_2035
MGASA-2025-0313
OPENSUSE-SU-2025_0638-1
OPENSUSE-SU-2025_0691-1
RHSA-2023:4201
RHSA-2023_4201
RHSA-2025:10364
RHSA-2025:2034
RHSA-2025:2035
RHSA-2025_2034
SUSE-SU-2025:0638-1
SUSE-SU-2025:0639-1
SUSE-SU-2025:0691-1
SUSE-SU-2025:0735-1
USN-7279-1

Affected Products

Almalinux
Astra Linux
Centos
Debian
Linuxmint
Apple Macos
Red Hat
Rocky Linux
Safari
Suse
Ubuntu
Ios
Ipados
Macos Sequoia
Tvos
Visionos
Watchos