CVE-2025-31257
Published: May 16, 2025Last modified: October 30, 2025
Description
This issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 4.7 |
| Attack Vector | NETWORK |
| Attack complexity | LOW |
| Privileges required | NONE |
| User interaction | REQUIRED |
| Scope | CHANGED |
| Confidentiality | NONE |
| Integrity impact | NONE |
| Availability impact | LOW |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:L |
Status
| Product | Release | Package | Status |
|---|---|---|---|
| Alpaquita Linux | 23 LTS | openjdk11 | Fixed (11.0.29_p10-r0) |
| openjdk11-container-jre | Fixed (11.0.29_p10-r0) | ||
| openjdk11-lite | Fixed (11.0.29_p10-r0) | ||
| openjdk17 | Fixed (17.0.17_p11-r0) | ||
| openjdk17-container-jre | Fixed (17.0.17_p11-r0) | ||
| openjdk17-crac | Fixed (17.0.17_p12-r0) | ||
| openjdk17-lite | Fixed (17.0.17_p11-r0) | ||
| openjdk21 | Fixed (21.0.9_p11-r0) | ||
| openjdk21-container-jre | Fixed (21.0.9_p11-r0) | ||
| openjdk21-lite | Fixed (21.0.9_p11-r0) | ||
| openjdk25 | Fixed (25.0.1_p11-r0) | ||
| openjdk25-container-jre | Fixed (25.0.1_p11-r0) | ||
| openjdk25-lite | Fixed (25.0.1_p11-r0) | ||
| 25 LTS | openjdk11 | Fixed (11.0.29_p10-r0) | |
| openjdk11-container-jre | Fixed (11.0.29_p10-r0) | ||
| openjdk11-lite | Fixed (11.0.29_p10-r0) | ||
| openjdk17 | Fixed (17.0.17_p11-r0) | ||
| openjdk17-container-jre | Fixed (17.0.17_p11-r0) | ||
| openjdk17-crac | Fixed (17.0.17_p12-r0) | ||
| openjdk17-lite | Fixed (17.0.17_p11-r0) | ||
| openjdk21 | Fixed (21.0.9_p11-r0) | ||
| openjdk21-container-jre | Fixed (21.0.9_p11-r0) | ||
| openjdk21-crac | Fixed (21.0.9_p12-r0) | ||
| openjdk21-lite | Fixed (21.0.9_p11-r0) | ||
| openjdk25 | Fixed (25.0.1_p11-r0) | ||
| openjdk25-container-jre | Fixed (25.0.1_p11-r0) | ||
| openjdk25-lite | Fixed (25.0.1_p11-r0) | ||
| openjdk8 | Fixed (8.472_p9-r0) | ||
| Stream | openjdk11 | Fixed (11.0.29_p10-r0) | |
| openjdk11-container-jre | Fixed (11.0.29_p10-r0) | ||
| openjdk11-lite | Fixed (11.0.29_p10-r0) | ||
| openjdk17 | Fixed (17.0.17_p11-r0) | ||
| openjdk17-container-jre | Fixed (17.0.17_p11-r0) | ||
| openjdk17-crac | Fixed (17.0.17_p12-r0) | ||
| openjdk17-lite | Fixed (17.0.17_p11-r0) | ||
| openjdk21 | Fixed (21.0.9_p11-r0) | ||
| openjdk21-container-jre | Fixed (21.0.9_p11-r0) | ||
| openjdk21-crac | Fixed (21.0.9_p12-r0) | ||
| openjdk21-lite | Fixed (21.0.9_p11-r0) | ||
| openjdk25 | Fixed (25.0.1_p11-r0) | ||
| openjdk25-container-jre | Fixed (25.0.1_p11-r0) | ||
| openjdk25-lite | Fixed (25.0.1_p11-r0) | ||
| Hardened Containers | 23 LTS | openjdk11-container-jre | Fixed (11.0.29_p10-r0) |
| openjdk11-lite | Fixed (11.0.29_p10-r0) | ||
| openjdk17-container-jre | Fixed (17.0.17_p11-r0) | ||
| openjdk17-crac | Fixed (17.0.17_p12-r0) | ||
| openjdk17-lite | Fixed (17.0.17_p11-r0) | ||
| openjdk21-container-jre | Fixed (21.0.9_p11-r0) | ||
| openjdk21-lite | Fixed (21.0.9_p11-r0) | ||
| openjdk25-container-jre | Fixed (25.0.1_p11-r0) | ||
| openjdk25-lite | Fixed (25.0.1_p11-r0) | ||
| Stream | openjdk11-container-jre | Fixed (11.0.29_p10-r0) | |
| openjdk11-lite | Fixed (11.0.29_p10-r0) | ||
| openjdk17-container-jre | Fixed (17.0.17_p11-r0) | ||
| openjdk17-crac | Fixed (17.0.17_p12-r0) | ||
| openjdk17-lite | Fixed (17.0.17_p11-r0) | ||
| openjdk21-container-jre | Fixed (21.0.9_p11-r0) | ||
| openjdk21-crac | Fixed (21.0.9_p12-r0) | ||
| openjdk21-lite | Fixed (21.0.9_p11-r0) | ||
| openjdk25-container-jre | Fixed (25.0.1_p11-r0) | ||
| openjdk25-lite | Fixed (25.0.1_p11-r0) | ||
| Liberica JDK | 8 | jdk-full | Fixed (8u472+9) |
| jre-full | Fixed (8u472+9) | ||
| 11 | jdk-full | Fixed (11.0.29+10) | |
| jre-full | Fixed (11.0.29+10) | ||
| 17 | jdk-full | Fixed (17.0.17+11) | |
| jre-full | Fixed (17.0.17+11) | ||
| 21 | jdk-full | Fixed (21.0.9+11) | |
| jre-full | Fixed (21.0.9+11) | ||
| 25 | jdk-full | Fixed (25.0.1+11) | |
| jre-full | Fixed (25.0.1+11) |
References
- http://seclists.org/fulldisclosure/2025/May/11
- http://seclists.org/fulldisclosure/2025/May/12
- http://seclists.org/fulldisclosure/2025/May/13
- http://seclists.org/fulldisclosure/2025/May/5
- http://seclists.org/fulldisclosure/2025/May/7
- https://lists.debian.org/debian-lts-announce/2025/06/msg00016.html
- https://support.apple.com/en-us/122404
- https://support.apple.com/en-us/122716
- https://support.apple.com/en-us/122719
- https://support.apple.com/en-us/122720
- https://support.apple.com/en-us/122721
- https://support.apple.com/en-us/122722