lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-id: <23AE8259-F4AD-4AAA-93F6-347125A6E30E@lists.apple.com>
Date: Wed, 16 Apr 2025 13:54:14 -0700
From: Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org>
To: security-announce@...ts.apple.com
Subject: [FD] APPLE-SA-04-16-2025-4 visionOS 2.4.1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-04-16-2025-4 visionOS 2.4.1

visionOS 2.4.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122402.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

CoreAudio
Available for: Apple Vision Pro
Impact: Processing an audio stream in a maliciously crafted media file
may result in code execution. Apple is aware of a report that this issue
may have been exploited in an extremely sophisticated attack against
specific targeted individuals on iOS.
Description: A memory corruption issue was addressed with improved
bounds checking.
CVE-2025-31200: Apple and Google Threat Analysis Group

RPAC
Available for: Apple Vision Pro
Impact: An attacker with arbitrary read and write capability may be able
to bypass Pointer Authentication. Apple is aware of a report that this
issue may have been exploited in an extremely sophisticated attack
against specific targeted individuals on iOS.
Description: This issue was addressed by removing the vulnerable code.
CVE-2025-31201: Apple

Instructions on how to update visionOS are available at
https://support.apple.com/118481. To check the software version
on your Apple Vision Pro, open the Settings app and choose General >
About.

All information is also posted on the Apple Security Releases
web site: https://support.apple.com/100100.

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmgABy8ACgkQX+5d1TXa
Ivrang/7BbMWMNA2hlaLbrO/2skpKd6F2cK9LKILFzivIWDadD4M7wZVRGo0TM4Y
fN1cOW+iGtd4BmCFnKYMIjc89f+WXkL+dESLiD3ujwy73RmUIGfbhr6GkgGJkcHt
Dccx71oumDDO9FY1IUyZuBCONGuC8vcfbgKjdaeiLpkzbBDMSMNna+HVvA4nUExP
j2ApivOFXcbhBO7Bw6DZkavXU+9wbZhHHkKt+QZifdB6vMzz854bDdaT1JNt9l80
YdwBEPE8+0TXAWRX4VToOKg1Zn8AT7LmK3PCnB+xuCRbh5zgWIOT7hVvEtvaPlHl
uup5Av2CJoFdfXzP5PJ8lUfxG/NRiGZX8XykYakp2y7sPQcwUkU56N2uoWhO95Wh
bhZoy6hN5bkptD8Kbnj/LyyEUNT3Hk1Gd9o9pxhnp7GvwNtZqOAC8/5nIMsoy06S
AJeNUj1WAJJ9a9o/2S0Au3KpR6ccVb6UXXJ+d71xhIPjyXqJTnC/mKrzsx6yjGTP
qaj/Zr7cZh36BXa6a5Fv3z1I7AR7uwR2hxHG/dOund/RUGeRxoTEbcl1rmzAVZeF
N4JsOvHtBboz5B3xs9P11Q9FMGzbyeuO8Yttqb4oXJOd97XA5T67iLiuDfCPgYxk
3GCs5pKAoKW3HrQpO8wwwX/vloZBOt7idy+81IUQ80GIaMkS9rU=
=cfH0
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ