Researchers warn of critical flaw in iPadOS, macOS Sequoia and macOS Sonoma
Take action: If you needed another good reason to update macOS and iPadOS, this is it: another critical flaw in the operating systems, this time with a public PoC writeup. Expect quick use of the PoC by hackers. Better yet, patch your Mac and iPad.
A critical kernel vulnerability has been discovered in Apple's operating systems, iPadOS and macOS.
The vulnerability is tracked as CVE-2025-24118 (CVSS score 9.8) and affects the XNU kernel's credential handling mechanism. It stems from an interaction of multiple kernel components: Safe Memory Reclamation (SMR), per-thread credentials, read-only page mappings, and memcpy behavior. This combination results in a race condition that enables unauthorized credential modification.
The flaw targets process credentials stored in read-only structures that are typically protected by Safe Memory Reclamation to prevent corruption.
If successfully exploited, the vulnerability could lead to:
- Privilege escalation
- Memory corruption
- Kernel-level code execution
- Unexpected system termination
- Unauthorized writing to kernel memory
A PoC is published on GitHub (in Korean).
Affected Products:
- macOS Sonoma versions prior to 14.7.3
- macOS Sequoia versions prior to 15.3
- iPadOS versions prior to 17.7.4
Apple has addressed this vulnerability in their January 27th security update by implementing improved memory handling mechanisms. The patch has been rolled out in:
- iPadOS 17.7.4
- macOS Sequoia 15.3
- macOS Sonoma 14.7.3
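For a fleet rather than a single device, the fixed versions listed above can be checked against an inventory export. The following Python is an added example, not part of the original advisory; the CSV column names, hostnames and status labels are assumptions, and OS trains the advisory does not name are reported as `not-listed` rather than guessed.

```python
import csv
import io
import re

# First fixed release per OS train, taken from the advisory text.
FIXED = {
    ("macos", 14): (14, 7, 3),   # macOS Sonoma
    ("macos", 15): (15, 3, 0),   # macOS Sequoia
    ("ipados", 17): (17, 7, 4),
}

_VERSION = re.compile(r"\s*(\d+)(?:\.(\d+))?(?:\.(\d+))?")

def parse_version(text):
    """Return (major, minor, patch), padding missing parts with 0, or None."""
    m = _VERSION.match(text or "")
    return tuple(int(g or 0) for g in m.groups()) if m else None

def classify(platform, version):
    """Return 'vulnerable', 'patched', 'not-listed' or 'unknown'."""
    v = parse_version(version)
    if v is None:
        return "unknown"                      # no usable version reported
    fixed = FIXED.get(((platform or "").strip().lower(), v[0]))
    if fixed is None:
        return "not-listed"                   # train not named in the advisory
    return "vulnerable" if v < fixed else "patched"

def triage(inventory_csv):
    """Map hostname -> status for a CSV with hostname,platform,os_version."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return {r["hostname"]: classify(r["platform"], r["os_version"]) for r in rows}

# Constructed sample inventory (hypothetical hosts, not real data).
SAMPLE = """hostname,platform,os_version
mbp-014,macOS,14.7.2
mbp-027,macOS,14.7.3
imac-003,macOS,15.2
mbp-031,macOS,15.3
ipad-102,iPadOS,17.7.3
ipad-117,iPadOS,17.7.4
mini-009,macOS,13.7.2
ipad-120,iPadOS,
"""

if __name__ == "__main__":
    for host, status in triage(SAMPLE).items():
        print(f"{host:10} {status}")
```

Devices reported as `not-listed` or `unknown` need a manual check against Apple's own security release notes, since this advisory does not cover them.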
Users are strongly advised to update their devices immediately. Updates can be applied through:
- Mac: System Settings > Software Updates
- iPad: Settings > General > Software Update