| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-id: <ED4C921F-83AA-4F0D-A3DB-89AF441833D0@lists.apple.com> Date: Mon, 12 May 2025 15:38:59 -0700 From: Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org> To: security-announce@...ts.apple.com Subject: [FD] APPLE-SA-05-12-2025-2 iPadOS 17.7.7 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-05-12-2025-2 iPadOS 17.7.7 iPadOS 17.7.7 addresses the following issues. Information about the security content is also available at https://support.apple.com/122405. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AirDrop Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation Impact: An app may be able to read arbitrary file metadata Description: A permissions issue was addressed with additional restrictions. CVE-2025-24097: Ron Masas of BREAKPOINT.SH AppleJPEG Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation Impact: Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory Description: The issue was addressed with improved input sanitization. CVE-2025-31251: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative Audio Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation Impact: An app may be able to cause unexpected system termination Description: A double free issue was addressed with improved memory management. CVE-2025-31235: Dillon Franke working with Google Project Zero CoreAudio Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation Impact: Parsing a file may lead to an unexpected app termination Description: The issue was addressed with improved checks. CVE-2025-31208: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative CoreGraphics Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation Impact: Processing a maliciously crafted file may lead to a denial-of- service or potentially disclose memory contents Description: An out-of-bounds read was addressed with improved input validation. CVE-2025-31196: wac working with Trend Micro Zero Day Initiative CoreGraphics Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation Impact: Parsing a file may lead to disclosure of user information Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2025-31209: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative CoreMedia Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation Impact: Parsing a file may lead to an unexpected app termination Description: A use-after-free issue was addressed with improved memory management. CVE-2025-31239: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative CoreMedia Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation Impact: Processing a maliciously crafted video file may lead to unexpected app termination or corrupt process memory Description: The issue was addressed with improved input sanitization. CVE-2025-31233: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative Display Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation Impact: An app may be able to cause unexpected system termination Description: A memory corruption issue was addressed with improved state management. CVE-2025-24111: Wang Yu of Cyberserval FaceTime Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation Impact: Processing web content may lead to a denial-of-service Description: The issue was addressed with improved UI. CVE-2025-31210: Andrew James Gonzalez iCloud Document Sharing Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation Impact: An attacker may be able to turn on sharing of an iCloud folder without authentication Description: This issue was addressed with additional entitlement checks. CVE-2025-30448: Lyutoon and YenKoc, Dayton Pidhirney of Atredis Partners ImageIO Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation Impact: Processing a maliciously crafted image may lead to a denial-of- service Description: A logic issue was addressed with improved checks. CVE-2025-31226: Saagar Jha Kernel Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation Impact: An app may be able to leak sensitive kernel state Description: An information disclosure issue was addressed by removing the vulnerable code. CVE-2025-24144: Mateusz Krzywicki (@krzywix) Kernel Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation Impact: An attacker may be able to cause unexpected system termination or corrupt kernel memory Description: The issue was addressed with improved memory handling. CVE-2025-31219: Michael DePlante (@izobashi) and Lucas Leong (@_wmliang_) of Trend Micro Zero Day Initiative Kernel Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation Impact: A remote attacker may cause an unexpected app termination Description: A double free issue was addressed with improved memory management. CVE-2025-31241: Christian Kohlschütter libexpat Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation Impact: Multiple issues in libexpat, including unexpected app termination or arbitrary code execution Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org. CVE-2024-8176 Mail Addressing Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation Impact: Processing an email may lead to user interface spoofing Description: An injection issue was addressed with improved input validation. CVE-2025-24225: Richard Hyunho Im (@richeeta) Notes Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation Impact: An attacker with physical access to a device may be able to access notes from the lock screen Description: The issue was addressed with improved authentication. CVE-2025-31228: Andr.Ess Parental Controls Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation Impact: An app may be able to retrieve Safari bookmarks without an entitlement check Description: This issue was addressed with additional entitlement checks. CVE-2025-24259: Noah Gregory (wts.dev) Pro Res Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation Impact: An app may be able to cause unexpected system termination Description: The issue was addressed with improved checks. CVE-2025-31245: wac Sandbox Profiles Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation Impact: An app may be able to read a persistent device identifier Description: A permissions issue was addressed with additional restrictions. CVE-2025-24220: Wojciech Regula of SecuRing (wojciechregula.blog) Security Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation Impact: A remote attacker may be able to leak memory Description: An integer overflow was addressed with improved input validation. CVE-2025-31221: Dave G. Security Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation Impact: An app may be able to access associated usernames and websites in a user's iCloud Keychain Description: A logging issue was addressed with improved data redaction. CVE-2025-31213: Kirin (@Pwnrin) and 7feilee StoreKit Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation Impact: An app may be able to access sensitive user data Description: A privacy issue was addressed with improved private data redaction for log entries. CVE-2025-31242: Eric Dorphy of Twin Cities App Dev LLC Weather Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation Impact: A malicious app may be able to read sensitive location information Description: A privacy issue was addressed by removing sensitive data. CVE-2025-31220: Adam M. WebKit Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation Impact: A type confusion issue could lead to memory corruption Description: This issue was addressed with improved handling of floats. WebKit Bugzilla: 286694 CVE-2025-24213: Google V8 Security Team WebKit Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash Description: The issue was addressed with improved input validation. WebKit Bugzilla: 289677 CVE-2025-31217: Ignacio Sanmillan (@ulexec) WebKit Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation Impact: Processing maliciously crafted web content may lead to an unexpected process crash Description: The issue was addressed with improved checks. WebKit Bugzilla: 288814 CVE-2025-31215: Jiming Wang and Jikai Ren WebKit Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash Description: A type confusion issue was addressed with improved state handling. WebKit Bugzilla: 290834 CVE-2025-31206: an anonymous researcher Additional recognition Kernel We would like to acknowledge an anonymous researcher for their assistance. This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "iPadOS 17.7.7". All information is also posted on the Apple Security Releases web site: https://support.apple.com/100100. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmgickUACgkQX+5d1TXa IvpQ5hAAxBE/vwNs4ygPfj2vwrvQ+8oa20mNKrJhwHRj6gv3mu2nwza44q+n5XJO gzGV49BptOQ0TMcK1MHY9uvmiAbR6MnfhVj9XrKoI+Gyut72W5xp/MFdArpfnZZE kamYp0vOVzPABJR5CUPiciIA43cNQkD1qFvM2gd4qXi9tcpbCwNHtDGEOOlAWrKx +3zA0rWJg4jRTQ3H9IBNbMANyLfl/OwxrQRh/qfgPFJJkgauwZ7OZZ8QU0bJ1DdM AchpFSn+yM7CCE5QIrWdxU0KXqftaSiJ+QqKn4A12coyd+ORix1GK5weJ0HmFDoq L+GL0quebmA3hz13P90KUjVd9ktlBGiPLh7EdoL69u9gHamLxOe96L1nYFFqwfGx DzrYlFfGchsmnBwp1Q/bkOQ0gxbLjcnhPfQqkPFiX5WP1vYMXv1qosh1Z0B6BW17 rkdZ3VCqMKuWYvMENVWiI9n4iMmiWah/XxBw8F02KlwI6bn7P03HcZQGiAJxOiTz 0I7fvY/GGPZs5ooF+UuMfOLvpZkgcdZYTiF2ya3ztqyv9X7q2iuaLShP8QgaaK1d EtCGB003oT4LoGqiI2nwjgfKjte8EE0QUJuVYirDta2964NIQUhJtn4s3lAWd6B4 bZJGem9n/t7tPJeHLB0RdfEvmdTNeC5wRN82Kkj+UUaUyzGa8Ww= =CELf -----END PGP SIGNATURE----- _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: https://seclists.org/fulldisclosure/
Powered by blists - more mailing lists