A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 26.1, iOS 18.7.2 and iPadOS 18.7.2, macOS Tahoe 26.1, visionOS 26.1, tvOS 26.1, macOS Sonoma 14.8.2, macOS Sequoia 15.7.2, iOS 26.1 and iPadOS 26.1. A malicious application may be able to cause unexpected system termination or write kernel memory.
Attack Parameters
Attack Vector
Local
Requires local access
Attack Complexity
Low
Easy to exploit
Privileges Required
Low
Basic privileges needed
User Interaction
None
No user interaction needed
Impact Assessment
Confidentiality
None
No data leak
Integrity
High
Complete data modification
Availability
High
Complete denial of service
CVSS Vector v3.1
Weakness Type (CWE)
Vulnerable Products 10
| Configuration | From (including) | Up to (excluding) |
|---|---|---|
|
Apple Ipados
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
|
— |
18.7.2
|
|
Apple Ipados
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
|
26.0
|
26.1
|
|
Apple Iphone_Os
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
|
— |
18.7.2
|
|
Apple Iphone_Os
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
|
26.0
|
26.1
|
|
Apple Macos
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
|
— |
14.8.2
|
|
Apple Macos
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
|
15.0
|
15.7.2
|
|
Apple Macos
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
|
26.0
|
26.1
|
|
Apple Tvos
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
|
— |
26.1
|
|
Apple Visionos
cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*
|
— |
26.1
|
|
Apple Watchos
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
|
— |
26.1
|
References 8
https://support.apple.com/en-us/125632
product-security@apple.com
https://support.apple.com/en-us/125633
product-security@apple.com
https://support.apple.com/en-us/125634
product-security@apple.com
https://support.apple.com/en-us/125635
product-security@apple.com
https://support.apple.com/en-us/125636
product-security@apple.com
https://support.apple.com/en-us/125637
product-security@apple.com
https://support.apple.com/en-us/125638
product-security@apple.com
https://support.apple.com/en-us/125639
product-security@apple.com