Description
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to cause unexpected system termination or corrupt kernel memory.
Published: 2025-03-31
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Potential kernel memory corruption leading to system termination
Action: Immediate patch
AI Analysis

Impact

The vulnerability is an out-of-bounds write in kernel memory. An application may trigger the issue, resulting in unexpected system termination or corrupted kernel memory. This flaw is a classic memory-safety issue (CWE-787) and can compromise the integrity of the kernel, potentially enabling further exploitation.

Affected Systems

Apple macOS systems are affected. The problem was fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, and macOS Ventura 13.7.5. All earlier releases of these operating system families are vulnerable until updated to the specified versions or newer.

Risk and Exploitability

The CVSS score of 7.8 indicates high severity. The EPSS score is less than 1%, meaning the estimated probability of exploitation is currently low, and the CVE is not listed in the CISA KEV catalog. The recorded CVSS vector (AV:L/AC:L/PR:N/UI:R) describes a local attack that needs no privileges but does require user interaction, consistent with the description that an app may trigger the issue. Exploitation would corrupt kernel memory or crash the system, potentially serving as a foothold for further attacks.

Generated by OpenCVE AI on April 28, 2026 at 03:10 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest macOS update that includes the fix (Sequoia 15.4, Sonoma 14.7.5, or Ventura 13.7.5 or newer).
  • For systems that cannot be updated immediately, avoid running applications with elevated privileges that could trigger the out‑of‑bounds write, and monitor system stability for signs of kernel memory corruption.
  • Keep third‑party software updated and perform regular integrity checks on system files to detect potential corruption caused by this vulnerability.


Advisories
Source | ID | Title
EUVD | EUVD-2025-8906 | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to cause unexpected system termination or corrupt kernel memory.

History

Tue, 28 Apr 2026 03:30:00 +0000

Type | Values Removed | Values Added
Title | (none) | Out‑of‑Bounds Write Allowing Kernel Memory Corruption in macOS

Thu, 02 Apr 2026 20:30:00 +0000

Type | Values Removed | Values Added
Description | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to cause unexpected system termination or corrupt kernel memory. | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to cause unexpected system termination or corrupt kernel memory.

Mon, 03 Nov 2025 22:30:00 +0000


Fri, 04 Apr 2025 19:45:00 +0000

Type | Values Removed | Values Added
First Time appeared | (none) | Apple; Apple macos
CPEs | (none) | cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
Vendors & Products | (none) | Apple; Apple macos

Thu, 03 Apr 2025 14:15:00 +0000

Type | Values Removed | Values Added
Weaknesses | (none) | CWE-787
Metrics | (none) | cvssV3_1: {'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}; ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 31 Mar 2025 22:45:00 +0000

Type | Values Removed | Values Added
Description | (none) | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to cause unexpected system termination or corrupt kernel memory.

References

MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:11:21.712Z

Reserved: 2025-03-22T00:04:43.722Z

Link: CVE-2025-30464

Vulnrichment

Updated: 2025-11-03T21:16:05.050Z

NVD

Status: Modified

Published: 2025-03-31T23:15:27.777

Modified: 2026-04-02T19:19:41.477

Link: CVE-2025-30464

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-28T03:15:05Z

Weaknesses