Description
A double free issue was addressed with improved memory management. This issue is fixed in iPadOS 17.7.7, macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6. An app may be able to cause unexpected system termination.
Published: 2025-05-12
Score: 6.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service through unexpected system termination
Action: Apply patch
AI Analysis

Impact

The vulnerability is a double free flaw that undermines memory management. When improperly coded or malicious applications trigger the flaw, the operating system may terminate unexpectedly, resulting in a denial‑of‑service condition. The weakness is identified as CWE‑415 and primarily impacts system availability rather than enabling code execution.

Affected Systems

Apple iPadOS and macOS are affected. Vulnerable builds include any iPadOS version prior to 17.7.7, macOS Sequoia prior to 15.5, macOS Sonoma prior to 14.7.6, and macOS Ventura prior to 13.7.6. The issue is resolved in the listed patch releases and later.

Risk and Exploitability

The CVSS score of 6.5 indicates moderate severity, and the EPSS score of less than 1% reflects a low current exploitation likelihood. The vulnerability is not listed in CISA’s KEV catalog, suggesting no widely documented active exploits. Exploitation would likely require the attacker to deliver an application to the target, or induce one to run there locally; the issue may not be remotely exploitable without such a vector.

Generated by OpenCVE AI on April 28, 2026 at 02:00 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Install iPadOS 17.7.7, macOS Sequoia 15.5, macOS Sonoma 14.7.6, or macOS Ventura 13.7.6, as applicable, or a newer release.
  • If the double free is triggered by a specific application, uninstall or block that application until an update is available and ensure it runs under the minimal privileges allowed by the system.
  • Continuously monitor system logs for unexpected shutdowns and maintain a regular update schedule to avoid re‑exposure.


Advisories
Source ID Title
EUVD EUVD-2025-14775 A double free issue was addressed with improved memory management. This issue is fixed in iPadOS 17.7.7, macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. An app may be able to cause unexpected system termination.
History

Tue, 28 Apr 2026 02:30:00 +0000

Type Values Removed Values Added
Title Double Free Leading to Unexpected System Termination in iPadOS and macOS

Thu, 02 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
Description
  Removed: A double free issue was addressed with improved memory management. This issue is fixed in iPadOS 17.7.7, macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. An app may be able to cause unexpected system termination.
  Added: A double free issue was addressed with improved memory management. This issue is fixed in iPadOS 17.7.7, macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6. An app may be able to cause unexpected system termination.

Mon, 03 Nov 2025 20:30:00 +0000


Tue, 27 May 2025 21:45:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple ipados
Apple macos
CPEs cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
Vendors & Products Apple
Apple ipados
Apple macos

Tue, 13 May 2025 14:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-415
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 12 May 2025 21:45:00 +0000

Type Values Removed Values Added
Description A double free issue was addressed with improved memory management. This issue is fixed in iPadOS 17.7.7, macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. An app may be able to cause unexpected system termination.
References

MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:07:47.358Z

Reserved: 2025-03-27T16:13:58.323Z

Link: CVE-2025-31235

Vulnrichment

Updated: 2025-11-03T19:51:06.148Z

NVD

Status: Modified

Published: 2025-05-12T22:15:23.910

Modified: 2026-04-02T19:19:52.380

Link: CVE-2025-31235

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-28T02:15:18Z

Weaknesses