CVE-2025-30427: Use After Free
Published Mar 31, 2025
·Updated
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, tvOS 18.4, visionOS 2.4, watchOS 11.4. Processing maliciously crafted web content may lead to an unexpected Safari crash.
Other sources
A use-after-free issue was addressed with improved memory management. This issue is fixed in visionOS 2.4, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, Safari 18.4. Processing maliciously crafted web content may lead to an unexpected Safari crash.
— Debian
Accessibility. A logging issue was addressed with improved data redaction.
— Apple
AccountPolicy. This issue was addressed by removing the vulnerable code.
— Apple
Accounts. This issue was addressed with improved data access restriction.
— Apple
AirDrop. A permissions issue was addressed with additional restrictions.
— Apple
Credit
Google V8 Security Team, Francisco Alonso@@revskills, an anonymous researcher, Muhammad Zaid Ghifari (Mr.ZheeV), Kalimantan Utara, rheza@@ginggilBesel, PixiePoint Security, Andreas Hegenberg (folivora.AI GmbH), @@RenwaX23, Jaydev Ahire, Syarif Muhammad Sajjad, Alexander Heinrich@@Sn0wfreeze, SEEMOO, TU Darmstadt & Mathy Vanhoef@@vanhoefm, Jeroen Robben@@RobbenJeroen, DistriNet, KU Leuven, Vsevolod Kokorin (Slonser)(Solidlab), Gary Kwong, Paul Bakker(ParagonERP), Martin Kreichgauer(Google Chrome), Lehan Dilusha@@zafer, Uri Katz (Oligo Security), Hossein Lotfi@@hosselot(Trend Micro Zero Day Initiative), Yutong Xiu@@Sou1gh0st, Denis Tokarev@@illusionofcha0s, Kirin@@Pwnrin, CVE-2025-24085, CVE-2024-9681, LFY@@secsys(Fudan University), Anonymous(Trend Micro Zero Day Initiative), Michael (Biscuit) Thomas - @social.lol@@biscuit, Ian Beer(Google Project Zero), CVE-2025-27113, CVE-2024-56171, Jimmy, Jax Reissner, Mickey Jin@@patch1t, Bing Shi(Alibaba Group), Wenchao Li(Alibaba Group), Xiaolong Bai(Alibaba Group), Luyi Xing(Indiana University Bloomington), Andrew James Gonzalez, Richard Hyunho Im with routezero.security@@richeeta, YingQi Shi@@Mas0nShi(DBAppSecurity's WeBin lab), Minghao Lin@@Y1nKoc, Apple, Lukas Bernhard, Tashita Software Security, Xiangwei Zhang(Tencent Security YUNDING LAB), linjy(HKUS3Lab), chluo(WHUSecLab), Brendon Tiszka(Google Project Zero), Dominik Rath, Google Threat Analysis Group, wac(Trend Micro Zero Day Initiative), Andr.Ess, Wang Yu(Cyberserval), CVE-2024-48958, Alex Radocea(Supernetworks), Dave G.(Supernetworks), 风沐云烟@@binary_fmyy, Jonathan Bar Or@@yo_yo_yo_jbo(Microsoft), Alexia Wilson(Microsoft), Christine Fossaceca(Microsoft), Halle Winkler, Politepix theoffcuts.org, pattern-f@@pattern_F_, Bohdan Stasiuk@@bohdan_stasiuk, Ron Masas(BREAKPOINT), Zhongcheng Li(IES Red Team of ByteDance), Gergely Kalman@@gergely_kalman, mzzzz__, Florian Draschbacher, Dalibor Milanovic, Wojciech Regula(SecuRing), Abhay Kailasia@@abhay_kailasia(C), Chi Yuan Chang(ZUSO ART), taikosoup, Claudio Bozzato(Cisco Talos), Francesco Benvenuto(Cisco Talos), Jeffrey Hofmann, Ian Mckay@@iann0036, Csaba Fitzl@@theevilbit(Kandji), Nolan Astrein(Kandji), Stephan Casas, Rodolphe BRUNETTI@@eisw0lf(Lupus Nova), Pietro Francesco Tirenna(Shielder), Davide Silvetti(Shielder), Abdel Adim Oisfi(Shielder), luckyu@@uuulucky, Rodolphe BRUNETTI@@eisw0lf, Manuel Fernandez (Stackhopper Security), ABC Research s.r.o., Murray Mike, Dayton Pidhirney(Atredis Partners), Lyutoon, YenKoc, Ye Zhang@@VAR10CK(Baidu Security), Koh M. Nakagawa@@tsunek0h(FFRI Security Inc), Joseph Ravichandran@@0xjprx(MIT CSAIL), Kenneth Chew, Paweł Płatek (Trail(Bits), Diamant Osmani & Valdrin Haliti [Kosovë], dbpeppe, Solitechworld, Pwn2car, Alhour@@NSAntoine, Mickey Jin@@patch1t(Kandji), (Kandji), Pedro Tôrres@@t0rr3sp3dr0, Noah Gregory (wts.dev), CVE-2023-27043, Yiğit Can YILMAZ@@yilmazcanyigit, Arsenii Kostromin (0x3c3e), Rodolphe Brunetti@@eisw0lf(Lupus Nova), Dolf Hoegaerts, Michiel Devliegere, K宝@@Pwnrin, Tong Liu@@Lyutoon_, 风(binary_fmyy), F00L, Dave G., zbleet(QI), Cristian Dinca(Computer Science), Romania, 风沐云烟 (binary_fmyy), Kirin, FlowerCode, Zhongquan Li@@Guluisacat, Pedro José Pereira Vieito / pvieito.com)@@pvieito
Affected Software
17 affected componentsFixes available
Apple Safari<18.4
18.4
debian/webkit2gtk<=2.44.2-1~deb11u1, <=2.46.6-1~deb11u1, <=2.46.6-1~deb12u1
2.48.1-2~deb12u12.48.1-2
debian/wpewebkit<=2.38.6-1~deb11u1, <=2.38.6-1
2.48.1-1
Apple WatchOS<11.4
11.4
Apple iOS<18.4
18.4
Apple iPadOS<18.4
18.4
Apple tvOS<18.4
18.4
Apple macOS Sequoia<15.4
15.4
Apple Safari<18.4
Apple iPadOS<17.7.6
Apple iPadOS>=18.0<18.4
Apple iPhone OS<18.4
Apple macOS>=15.0<15.4
Apple tvOS<18.4
Apple visionOS<2.4
Apple visionOS<2.4
2.4
Apple iPadOS<17.7.6
17.7.6
Event History
Mar 31, 2025
Data Sourced
via Apple·12:00 AM
DescriptionWeaknessAffected Software
Updated
via Apple·12:00 AM
DescriptionWeakness
Updated
via Apple·12:00 AM
DescriptionWeaknessAffected Software
Updated
via Apple·12:00 AM
Affected Software
CVE Published
via MITRE·10:24 PM
Data Sourced
via MITRE·10:24 PM
DescriptionWeakness
Data Sourced
via NVD·11:15 PM
DescriptionSeverityWeaknessAffected Software
Apr 1, 2025
Updated
via Apple·12:00 AM
DescriptionWeaknessAffected Software
News Published
via BleepingComputer·01:35 PM
News Published
via BleepingComputer·01:36 PM
Apr 5, 2025
Known Exploited
01:36 PM
Apr 7, 2025
Data Sourced
via Red Hat·02:33 PM
DescriptionSeverityAffected Software
Apr 15, 2025
Data Sourced
via Ubuntu·12:43 AM
RemedyDescriptionSeverityAffected Software
Parent advisories
This vulnerability appears in the following advisories.
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2025-24180
- CVE-2025-24113
- CVE-2025-30467
- CVE-2025-31192
- CVE-2025-24167
- CVE-2025-31184
- CVE-2025-24192
- CVE-2025-24264
- CVE-2025-24216
- CVE-2025-24213
- CVE-2025-24209
- CVE-2025-24208
- CVE-2025-30427
- CVE-2025-30425
- CVE-2025-24200
- CVE-2025-24201
- CVE-2025-24085
- CVE-2025-30456
- CVE-2025-24097
- CVE-2025-31182
- CVE-2025-24228
- CVE-2025-24267
- CVE-2025-24178
- CVE-2025-24251
- CVE-2025-24244
- CVE-2025-24243
- CVE-2025-30430
- CVE-2025-24237
- CVE-2025-30429
- CVE-2025-24212
- CVE-2025-24163
- CVE-2025-24230
- CVE-2025-24190
- CVE-2025-30454
- CVE-2025-31191
- CVE-2025-24182
- CVE-2025-31203
- CVE-2024-9681
- CVE-2025-30439
- CVE-2025-24283
- CVE-2025-30447
- CVE-2025-24210
- CVE-2025-24257
- CVE-2025-30432
- CVE-2024-48958
- CVE-2025-24194
- CVE-2025-27113
- CVE-2024-56171
- CVE-2025-24238
- CVE-2025-30470
- CVE-2025-30426
- CVE-2025-24173
- CVE-2025-30471
- CVE-2025-30438
- CVE-2025-30433
- CVE-2025-31183
- CVE-2025-24217
- CVE-2025-24214
- CVE-2025-24202
- CVE-2025-24221
- CVE-2025-24271
- CVE-2025-24270
- CVE-2025-31202
- CVE-2025-24252
- CVE-2025-24206
- CVE-2025-30445
- CVE-2025-31197
- CVE-2025-24211
- CVE-2025-30463
- CVE-2025-30434
- CVE-2025-24193
- CVE-2025-30428
- CVE-2025-30469
- CVE-2025-24095
- CVE-2025-24205
- CVE-2025-24198
- CVE-2025-24234
- CVE-2025-24276
- CVE-2025-24272
- CVE-2025-24239
- CVE-2025-24233
- CVE-2025-30443
- CVE-2025-24245
- CVE-2025-30460
- CVE-2025-24215
- CVE-2025-24236
- CVE-2025-24277
- CVE-2025-24255
- CVE-2025-30455
- CVE-2025-31187
- CVE-2025-30462
- CVE-2025-30451
- CVE-2025-24281
- CVE-2025-30461
- CVE-2025-24199
- CVE-2025-30464
- CVE-2025-24273
- CVE-2025-24256
- CVE-2025-24249
- CVE-2025-24229
- CVE-2025-30437
- CVE-2025-24235
- CVE-2025-24204
- CVE-2025-24203
- CVE-2025-24196
- CVE-2025-24148
- CVE-2025-24195
- CVE-2025-24172
- CVE-2025-30450
- CVE-2025-24262
- CVE-2025-24232
- CVE-2025-24246
- CVE-2025-24261
- CVE-2025-24164
- CVE-2025-30446
- CVE-2025-24259
- CVE-2025-30424
- CVE-2023-27043
- CVE-2025-24191
- CVE-2025-24093
- CVE-2025-30452
- CVE-2025-24181
- CVE-2025-30458
- CVE-2025-24250
- CVE-2025-30465
- CVE-2025-24280
- CVE-2025-31194
- CVE-2025-30435
- CVE-2025-24248
- CVE-2025-24269
- CVE-2025-30444
- CVE-2025-24260
- CVE-2025-24282
- CVE-2025-24254
- CVE-2025-24231
- CVE-2025-24263
- CVE-2025-24207
- CVE-2025-30449
- CVE-2025-24253
- CVE-2025-24240
- CVE-2025-31188
- CVE-2025-24218
- CVE-2025-24278
- CVE-2025-24242
- CVE-2025-30457
- CVE-2025-24279
- CVE-2025-24247
- CVE-2025-24241
- CVE-2025-24266
- CVE-2025-24265
- CVE-2025-24157
- CVE-2025-30466
- CVE-2025-24131
- CVE-2025-24177
- CVE-2025-24179
- CVE-2025-43205
- CVE-2024-54543
- CVE-2024-54534
- CVE-2024-54508
- CVE-2024-54502
- CVE-2025-31196
- CVE-2025-31199
- CVE-2025-24220
- CVE-2025-30436
- CVE-2025-31272
- CVE-2025-24170
- CVE-2025-31189
- CVE-2025-30453
- CVE-2025-24258
- CVE-2025-30431
- CVE-2025-30448
- CVE-2025-31263
- CVE-2025-31231
- CVE-2025-31264
- CVE-2025-46308
- CVE-2025-24284
- CVE-2025-30459
- CVE-2025-24268
- CVE-2025-43184
- CVE-2025-24165
- CVE-2025-30442
- CVE-2025-31261
- CVE-2025-46293
- CVE-2025-43278
- CVE-2025-31195
- CVE-2025-31198
Frequently Asked Questions
1
What is the severity of CVE-2025-30427?
CVE-2025-30427 is rated as a high-severity vulnerability due to its potential to cause crashes in Safari through malicious web content.
2
How do I fix CVE-2025-30427?
To mitigate CVE-2025-30427, upgrade to Safari 18.4 or newer, or another affected product version as specified by Apple.
3
Which devices are affected by CVE-2025-30427?
CVE-2025-30427 affects Apple devices running versions of Safari, iOS, iPadOS, tvOS, watchOS, and macOS prior to the latest updates.
4
What type of vulnerability is CVE-2025-30427?
CVE-2025-30427 is classified as a use-after-free vulnerability, which can be exploited by processing malicious web content.
5
Has CVE-2025-30427 been patched?
Yes, CVE-2025-30427 has been addressed with improved memory management in the latest software updates from Apple.