-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-01-27-2025-4 macOS Sequoia 15.3
macOS Sequoia 15.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/122068. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AirPlay Available for: macOS Sequoia Impact: An attacker on the local network may be able to cause unexpected system termination or corrupt process memory Description: An input validation issue was addressed. CVE-2025-24126: Uri Katz (Oligo Security) AirPlay Available for: macOS Sequoia Impact: A remote attacker may cause an unexpected app termination Description: A type confusion issue was addressed with improved checks. CVE-2025-24129: Uri Katz (Oligo Security) AirPlay Available for: macOS Sequoia Impact: An attacker in a privileged position may be able to perform a denial-of-service Description: The issue was addressed with improved memory handling. CVE-2025-24131: Uri Katz (Oligo Security) AirPlay Available for: macOS Sequoia Impact: A remote attacker may be able to cause a denial-of-service Description: A null pointer dereference was addressed with improved input validation. CVE-2025-24177: Uri Katz (Oligo Security) AirPlay Available for: macOS Sequoia Impact: A remote attacker may cause an unexpected application termination or arbitrary code execution Description: A type confusion issue was addressed with improved checks. CVE-2025-24137: Uri Katz (Oligo Security) AppKit Available for: macOS Sequoia Impact: An app may be able to access protected user data Description: The issue was addressed with additional permissions checks. CVE-2025-24087: Mickey Jin (@patch1t) AppleGraphicsControl Available for: macOS Sequoia Impact: Parsing a file may lead to an unexpected app termination Description: The issue was addressed with improved checks. CVE-2025-24112: D4m0n AppleMobileFileIntegrity Available for: macOS Sequoia Impact: An app may be able to access information about a user's contacts Description: A logic issue was addressed with improved restrictions. CVE-2025-24100: Kirin (@Pwnrin) AppleMobileFileIntegrity Available for: macOS Sequoia Impact: An app may be able to access sensitive user data Description: A downgrade issue was addressed with additional code- signing restrictions. CVE-2025-24109: Bohdan Stasiuk (@Bohdan_Stasiuk) AppleMobileFileIntegrity Available for: macOS Sequoia Impact: An app may be able to modify protected parts of the file system Description: A permissions issue was addressed with additional restrictions. CVE-2025-24114: Mickey Jin (@patch1t) AppleMobileFileIntegrity Available for: macOS Sequoia Impact: An app may be able to modify protected parts of the file system Description: A logic issue was addressed with improved checks. CVE-2025-24121: Mickey Jin (@patch1t) AppleMobileFileIntegrity Available for: macOS Sequoia Impact: An app may be able to modify protected parts of the file system Description: A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. CVE-2025-24122: Mickey Jin (@patch1t) ARKit Available for: macOS Sequoia Impact: Parsing a file may lead to an unexpected app termination Description: The issue was addressed with improved checks. CVE-2025-24127: Minghao Lin (@Y1nKoc), babywu, and Xingwei Lin of Zhejiang University Audio Available for: macOS Sequoia Impact: Parsing a file may lead to an unexpected app termination Description: The issue was addressed with improved checks. CVE-2025-24106: Wang Yu of Cyberserval CoreAudio Available for: macOS Sequoia Impact: Parsing a file may lead to an unexpected app termination Description: The issue was addressed with improved checks. CVE-2025-24160: Google Threat Analysis Group CVE-2025-24161: Google Threat Analysis Group CVE-2025-24163: Google Threat Analysis Group CoreMedia Available for: macOS Sequoia Impact: Parsing a file may lead to an unexpected app termination Description: The issue was addressed with improved checks. CVE-2025-24123: Desmond working with Trend Micro Zero Day Initiative CVE-2025-24124: Pwn2car & Rotiple (HyeongSeok Jang) working with Trend Micro Zero Day Initiative CoreMedia Available for: macOS Sequoia Impact: A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 17.2. Description: A use after free issue was addressed with improved memory management. CVE-2025-24085 CoreRoutine Available for: macOS Sequoia Impact: An app may be able to determine a user’s current location Description: The issue was addressed with improved checks. CVE-2025-24102: Kirin (@Pwnrin) FaceTime Available for: macOS Sequoia Impact: An app may be able to access user-sensitive data Description: An information disclosure issue was addressed with improved privacy controls. CVE-2025-24134: Kirin (@Pwnrin) iCloud Available for: macOS Sequoia Impact: Files downloaded from the internet may not have the quarantine flag applied Description: This issue was addressed through improved state management. CVE-2025-24140: Matej Moravec (@MacejkoMoravec) iCloud Photo Library Available for: macOS Sequoia Impact: An app may be able to bypass Privacy preferences Description: The issue was addressed with improved checks. CVE-2025-24174: Arsenii Kostromin (0x3c3e), Joshua Jones ImageIO Available for: macOS Sequoia Impact: Processing an image may lead to a denial-of-service Description: The issue was addressed with improved memory handling. CVE-2025-24086: DongJun Kim (@smlijun) and JongSeong Kim (@nevul37) in Enki WhiteHat, D4m0n Kernel Available for: macOS Sequoia Impact: An app may be able to cause unexpected system termination or write kernel memory Description: The issue was addressed with improved memory handling. CVE-2025-24118: Joseph Ravichandran (@0xjprx) of MIT CSAIL Kernel Available for: macOS Sequoia Impact: A malicious app may be able to gain root privileges Description: A permissions issue was addressed with additional restrictions. CVE-2025-24107: an anonymous researcher Kernel Available for: macOS Sequoia Impact: An app may be able to execute arbitrary code with kernel privileges Description: A validation issue was addressed with improved logic. CVE-2025-24159: pattern-f (@pattern_F_) LaunchServices Available for: macOS Sequoia Impact: An app may be able to access user-sensitive data Description: A race condition was addressed with additional validation. CVE-2025-24094: an anonymous researcher LaunchServices Available for: macOS Sequoia Impact: An app may be able to read files outside of its sandbox Description: A path handling issue was addressed with improved validation. CVE-2025-24115: an anonymous researcher LaunchServices Available for: macOS Sequoia Impact: An app may be able to bypass Privacy preferences Description: An access issue was addressed with additional sandbox restrictions. CVE-2025-24116: an anonymous researcher LaunchServices Available for: macOS Sequoia Impact: An app may be able to fingerprint the user Description: This issue was addressed with improved redaction of sensitive information. CVE-2025-24117: Michael (Biscuit) Thomas (@bisc...@social.lol) libxslt Available for: macOS Sequoia Impact: Processing maliciously crafted web content may lead to an unexpected process crash Description: This issue was addressed through improved state management. CVE-2025-24166: Ivan Fratric of Google Project Zero Login Window Available for: macOS Sequoia Impact: A malicious app may be able to create symlinks to protected regions of the disk Description: This issue was addressed with improved validation of symlinks. CVE-2025-24136: 云散 Messages Available for: macOS Sequoia Impact: An app may be able to access user-sensitive data Description: This issue was addressed with improved redaction of sensitive information. CVE-2025-24101: Kirin (@Pwnrin) NSDocument Available for: macOS Sequoia Impact: A malicious app may be able to access arbitrary files Description: This issue was addressed through improved state management. CVE-2025-24096: an anonymous researcher PackageKit Available for: macOS Sequoia Impact: An app may be able to modify protected parts of the file system Description: The issue was addressed with improved checks. CVE-2025-24130: Pedro Tôrres (@t0rr3sp3dr0) Passwords Available for: macOS Sequoia Impact: A malicious app may be able to bypass browser extension authentication Description: A logging issue was addressed with improved data redaction. CVE-2025-24169: Josh Parnham (@joshparnham) Photos Storage Available for: macOS Sequoia Impact: Deleting a conversation in Messages may expose user contact information in system logging Description: This issue was addressed with improved redaction of sensitive information. CVE-2025-24146: 神罚(@Pwnrin) Safari Available for: macOS Sequoia Impact: Visiting a malicious website may lead to address bar spoofing Description: The issue was addressed by adding additional logic. CVE-2025-24128: @RenwaX23 Safari Available for: macOS Sequoia Impact: Visiting a malicious website may lead to user interface spoofing Description: The issue was addressed with improved UI. CVE-2025-24113: @RenwaX23 SceneKit Available for: macOS Sequoia Impact: Parsing a file may lead to disclosure of user information Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2025-24149: Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative Security Available for: macOS Sequoia Impact: An app may be able to access protected user data Description: This issue was addressed with improved validation of symlinks. CVE-2025-24103: Zhongquan Li (@Guluisacat) SharedFileList Available for: macOS Sequoia Impact: An app may be able to access protected user data Description: An access issue was addressed with additional sandbox restrictions. CVE-2025-24108: an anonymous researcher sips Available for: macOS Sequoia Impact: Parsing a maliciously crafted file may lead to an unexpected app termination Description: The issue was addressed with improved checks. CVE-2025-24139: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative SMB Available for: macOS Sequoia Impact: An app may be able to cause unexpected system termination or corrupt kernel memory Description: The issue was addressed with improved memory handling. CVE-2025-24151: an anonymous researcher CVE-2025-24152: an anonymous researcher SMB Available for: macOS Sequoia Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges Description: A buffer overflow issue was addressed with improved memory handling. CVE-2025-24153: an anonymous researcher Spotlight Available for: macOS Sequoia Impact: A malicious application may be able to leak sensitive user information Description: This issue was addressed through improved state management. CVE-2025-24138: Rodolphe BRUNETTI (@eisw0lf) of Lupus Nova StorageKit Available for: macOS Sequoia Impact: A malicious app may be able to gain root privileges Description: A permissions issue was addressed with additional restrictions. CVE-2025-24107: an anonymous researcher StorageKit Available for: macOS Sequoia Impact: A local attacker may be able to elevate their privileges Description: A permissions issue was addressed with improved validation. CVE-2025-24176: Yann GASCUEL of Alter Solutions System Extensions Available for: macOS Sequoia Impact: An app may be able to gain elevated privileges Description: This issue was addressed with improved message validation. CVE-2025-24135: Arsenii Kostromin (0x3c3e) Time Zone Available for: macOS Sequoia Impact: An app may be able to view a contact's phone number in system logs Description: A privacy issue was addressed with improved private data redaction for log entries. CVE-2025-24145: Kirin (@Pwnrin) TV App Available for: macOS Sequoia Impact: An app may be able to read sensitive location information Description: This issue was addressed with improved data protection. CVE-2025-24092: Adam M. WebContentFilter Available for: macOS Sequoia Impact: An attacker may be able to cause unexpected system termination or corrupt kernel memory Description: An out-of-bounds write was addressed with improved input validation. CVE-2025-24154: an anonymous researcher WebKit Available for: macOS Sequoia Impact: A maliciously crafted webpage may be able to fingerprint the user Description: The issue was addressed with improved access restrictions to the file system. WebKit Bugzilla: 283117 CVE-2025-24143: an anonymous researcher WebKit Available for: macOS Sequoia Impact: Processing web content may lead to a denial-of-service Description: The issue was addressed with improved memory handling. WebKit Bugzilla: 283889 CVE-2025-24158: Q1IQ (@q1iqF) of NUS CuriOSity and P1umer (@p1umer) of Imperial Global Singapore. WebKit Available for: macOS Sequoia Impact: Processing maliciously crafted web content may lead to an unexpected process crash Description: This issue was addressed through improved state management. WebKit Bugzilla: 284159 CVE-2025-24162: linjy of HKUS3Lab and chluo of WHUSecLab WebKit Web Inspector Available for: macOS Sequoia Impact: Copying a URL from Web Inspector may lead to command injection Description: A privacy issue was addressed with improved handling of files. WebKit Bugzilla: 283718 CVE-2025-24150: Johan Carlsson (joaxcar) WindowServer Available for: macOS Sequoia Impact: An attacker may be able to cause unexpected app termination Description: This issue was addressed by improved management of object lifetimes. CVE-2025-24120: PixiePoint Security Xsan Available for: macOS Sequoia Impact: An app may be able to elevate privileges Description: An integer overflow was addressed through improved input validation. CVE-2025-24156: an anonymous researcher Additional recognition Audio We would like to acknowledge Google Threat Analysis Group for their assistance. CoreAudio We would like to acknowledge Google Threat Analysis Group for their assistance. CoreMedia Playback We would like to acknowledge Song Hyun Bae (@bshyuunn) and Lee Dong Ha (Who4mI) for their assistance. DesktopServices We would like to acknowledge an anonymous researcher for their assistance. Files We would like to acknowledge Chi Yuan Chang of ZUSO ART and taikosoup for their assistance. Passwords We would like to acknowledge Talal Haj Bakry and Tommy Mysk of Mysk Inc. @mysk_co for their assistance. sips We would like to acknowledge Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative for their assistance. Static Linker We would like to acknowledge Holger Fuhrmannek for their assistance. VoiceOver We would like to acknowledge Bistrit Dahal, Dalibor Milanovic for their assistance. macOS Sequoia 15.3 may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ All information is also posted on the Apple Security Releases web site: https://support.apple.com/100100. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmeYAVkACgkQX+5d1TXa IvpptRAAwM6PUeAiTF3lBedPTYmZvBfXTbW/ev4unddTGVbgE2aYdT+AEVVsgd/K jgkW3EbdYQQ+9ZxVjp/dH6GmH8X/uwhANxpb+jvZU5WUiJM+zN1dg74VivLclwvJ IbV0RwuPcWPcdubKQIZ4d3953mjzNLYaVXzfYdnZK1Z291rFCN2bOuW98z3wpMWh TTH8YMz68X2JzBHp5YQy9JRPGY80dNp2Wg2G7QBTQVSfRdEQHd3WMn2Cml5oxvnk 8/L1kGTowwiC++fWZWgAknnjJ0l68MAsfkE4QdTJxUGRatCFKM4LVSgs6AZ2FGxW JPFZooSTctp5p+ST5Kq10Id2aIdMy7gFgM8xiI/IMOKJFB6tChnx5In+IcdpXKzL RMzBRVeMW5G4u8NeHkEfFwsnXXGD5cIs1qrqW5RvB0+E2xp+SD4U4V6dal/2Ie0j nfMLz6ou9qs/MHNpcNyYKM76LG/aNWwEhSa3qM21eqo1LGLA7JKEfOM9AqU/Nqmd jHCdfv6NrSO2T7W2NSxj8ZQiW75v29coYNN3MoyCtl++SIAA7yjczOyBlfzcJqXq QSyvAIbP3HALnWP77cZdAgBAh1UCPqwxPqaoSkyqmV6CCJ0B9Rmoq9aI44amujID ML7cSGCYy0f/0Z6GxrysooXq4bdPcxdL2Y39YHHhoOw55H7Bk0k= =wy4j -----END PGP SIGNATURE----- _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: https://seclists.org/fulldisclosure/
