| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-id: <23AE8259-F4AD-4AAA-93F6-347125A6E30E@lists.apple.com> Date: Wed, 16 Apr 2025 13:54:14 -0700 From: Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org> To: security-announce@...ts.apple.com Subject: [FD] APPLE-SA-04-16-2025-4 visionOS 2.4.1 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-04-16-2025-4 visionOS 2.4.1 visionOS 2.4.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/122402. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. CoreAudio Available for: Apple Vision Pro Impact: Processing an audio stream in a maliciously crafted media file may result in code execution. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS. Description: A memory corruption issue was addressed with improved bounds checking. CVE-2025-31200: Apple and Google Threat Analysis Group RPAC Available for: Apple Vision Pro Impact: An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS. Description: This issue was addressed by removing the vulnerable code. CVE-2025-31201: Apple Instructions on how to update visionOS are available at https://support.apple.com/118481. To check the software version on your Apple Vision Pro, open the Settings app and choose General > About. All information is also posted on the Apple Security Releases web site: https://support.apple.com/100100. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmgABy8ACgkQX+5d1TXa Ivrang/7BbMWMNA2hlaLbrO/2skpKd6F2cK9LKILFzivIWDadD4M7wZVRGo0TM4Y fN1cOW+iGtd4BmCFnKYMIjc89f+WXkL+dESLiD3ujwy73RmUIGfbhr6GkgGJkcHt Dccx71oumDDO9FY1IUyZuBCONGuC8vcfbgKjdaeiLpkzbBDMSMNna+HVvA4nUExP j2ApivOFXcbhBO7Bw6DZkavXU+9wbZhHHkKt+QZifdB6vMzz854bDdaT1JNt9l80 YdwBEPE8+0TXAWRX4VToOKg1Zn8AT7LmK3PCnB+xuCRbh5zgWIOT7hVvEtvaPlHl uup5Av2CJoFdfXzP5PJ8lUfxG/NRiGZX8XykYakp2y7sPQcwUkU56N2uoWhO95Wh bhZoy6hN5bkptD8Kbnj/LyyEUNT3Hk1Gd9o9pxhnp7GvwNtZqOAC8/5nIMsoy06S AJeNUj1WAJJ9a9o/2S0Au3KpR6ccVb6UXXJ+d71xhIPjyXqJTnC/mKrzsx6yjGTP qaj/Zr7cZh36BXa6a5Fv3z1I7AR7uwR2hxHG/dOund/RUGeRxoTEbcl1rmzAVZeF N4JsOvHtBboz5B3xs9P11Q9FMGzbyeuO8Yttqb4oXJOd97XA5T67iLiuDfCPgYxk 3GCs5pKAoKW3HrQpO8wwwX/vloZBOt7idy+81IUQ80GIaMkS9rU= =cfH0 -----END PGP SIGNATURE----- _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: https://seclists.org/fulldisclosure/
Powered by blists - more mailing lists