This issue was addressed by removing the vulnerable code. This issue is fixed in tvOS 18.4.1, visionOS 2.4.1, iOS iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS.

Related CVEs

CVE-2025-31201

Key Information

GHSA ID

GHSA-q4hh-vrvh-r4h7

Published

April 16, 2025 9:30 PM

Last Modified

April 16, 2025 9:30 PM

CVSS Score

5.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: October 5, 2025 6:32 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.