Description
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to cause unexpected system termination or corrupt kernel memory.
Published: 2025-03-31
Score: 9.8 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Privilege Escalation
Action: Immediate Patch
AI Analysis

Impact

The vulnerability is an out‑of‑bounds write that bypasses bounds checking, allowing an application to write data beyond the intended memory buffer. This flaw can corrupt kernel memory, leading to arbitrary code execution or delivering a kernel panic that terminates the system. Because the corruption occurs in kernel space, an attacker can potentially elevate privileges or cause denial of service.

Affected Systems

Apple macOS products are affected. The issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5 and macOS Ventura 13.7.5, so any earlier releases of those operating systems are vulnerable. Specific vendors and product names are Apple macOS, with vulnerable versions including every build before the patched releases.

Risk and Exploitability

The CVSS score of 9.8 classifies this as a critical vulnerability. The EPSS score of less than 1% indicates a very low probability of exploitation, and the vulnerability is not listed in the CISA KEV catalog. Based on the description, the attack requires an application with sufficient privilege to trigger the out‑of‑bounds write, so the likely attack vector is local or involves malicious software installed by the user.

Generated by OpenCVE AI on April 28, 2026 at 02:48 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the system to macOS Sequoia 15.4, Sonoma 14.7.5, or Ventura 13.7.5.
  • Restrict execution of third‑party applications to trusted sources and maintain regular macOS updates.
  • Monitor system logs for unexpected kernel panics and reboot to a known good state if a crash occurs.

Generated by OpenCVE AI on April 28, 2026 at 02:48 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2025-8936 An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to cause unexpected system termination or corrupt kernel memory.
History

Tue, 28 Apr 2026 03:15:00 +0000

Type Values Removed Values Added
Title macOS Kernel Out-of-Bounds Write Causing Memory Corruption and System Crash

Thu, 02 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
Description An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to cause unexpected system termination or corrupt kernel memory. An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to cause unexpected system termination or corrupt kernel memory.

Mon, 03 Nov 2025 22:30:00 +0000

Type Values Removed Values Added
References

Wed, 30 Jul 2025 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

 ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Mon, 07 Apr 2025 14:45:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
CPEs cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
Vendors & Products Apple
Apple macos

Tue, 01 Apr 2025 14:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-787
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Mon, 31 Mar 2025 22:45:00 +0000

Type Values Removed Values Added
Description An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to cause unexpected system termination or corrupt kernel memory.
References

Subscriptions

Apple Macos
cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:19:43.765Z

Reserved: 2025-01-17T00:00:45.017Z

Link: CVE-2025-24273

cve-icon Vulnrichment

Updated: 2025-11-03T21:12:10.530Z

cve-icon NVD

Status : Modified

Published: 2025-03-31T23:15:23.910

Modified: 2026-04-02T19:19:31.497

Link: CVE-2025-24273

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-28T03:00:10Z

Weaknesses