Apple has released nine security advisories to address multiple vulnerabilities in iOS, iPadOS, macOS Ventura, macOS Sonoma, macOS Sequoia, watchOS, tvOS, visionOS and Safari.

Apple has released software updates to address multiple security vulnerabilities, including the four detailed below.

Vulnerability Details

CVE-2025-31219 is a vulnerability that impacts the memory handling in Kernel that could allow an attacker to cause unexpected system termination or kernel memory corruption.

CVE-2025-31223 and CVE-2025-31238 vulnerabilities in WebKit may lead to memory corruption during the processing of maliciously crafted web content.

CVE-2025-31222 is a correctness issue in mDNSResponder that may allow an attacker to escalate privileges and gain SYSTEM privileges under certain conditions.

Remediation advice

Affected organisations are encouraged to review Apple security releases and apply the relevant updates.

Remediation steps

Type	Step
Patch	iOS 18.5 and iPadOS 18.5 \| 122404 https://support.apple.com/en-us/122404
Patch	iPadOS 17.7.7 \| 122405 https://support.apple.com/en-us/122405
Patch	macOS Sequoia 15.5 \| 122716 https://support.apple.com/en-us/122716
Patch	macOS Sonoma 14.7.6 \| 122717 https://support.apple.com/en-us/122717
Patch	macOS Ventura 13.7.6 \| 122718 https://support.apple.com/en-us/122718
Patch	watchOS 11.5 \| 122722 https://support.apple.com/en-us/122722
Patch	tvOS 18.5 \| 122720 https://support.apple.com/en-us/122720
Patch	visionOS 2.5 \| 122721 https://support.apple.com/en-us/122721
Patch	Safari 18.5 \| 122719 https://support.apple.com/en-us/122719

Definitive source of threat updates

https://support.apple.com/en-us/100100

CVE Vulnerabilities

Status Published

CVE-2025-31219

The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. An attacker may be able to cause unexpected system termination or corrupt kernel memory.

Status Published

CVE-2025-31223

The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to memory corruption.

Status Published

CVE-2025-31238

Status Published

CVE-2025-31222

A correctness issue was addressed with improved checks. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. A user may be able to elevate privileges

Last edited: 13 May 2025 1:59 pm