What is the severity of CVE-2025-24134?

The severity of CVE-2025-24134 is classified as high due to potential exploitation of the vulnerabilities in AirPlay.

How do I fix CVE-2025-24134?

To fix CVE-2025-24134, ensure that you update your Apple macOS Sequoia to version 15.3 or later.

What vulnerabilities does CVE-2025-24134 address?

CVE-2025-24134 addresses multiple vulnerabilities including null pointer dereference, type confusion, and input validation issues in AirPlay.

Which operating systems are affected by CVE-2025-24134?

CVE-2025-24134 primarily affects Apple macOS Sequoia up to version 15.3.

What are the potential impacts of CVE-2025-24134?

The potential impacts of CVE-2025-24134 include information disclosure and the potential for code execution due to memory handling issues.

Vulnerability/
CVE-2025-24134

medium

5.5

CWE

416 20 476

EPSS

0.043%

27/1/2025

18/2/2025

CVE-2025-24134: Use After Free

First published: Mon Jan 27 2025(Updated: )

AirPlay. A null pointer dereference was addressed with improved input validation.

Credit: product-security@apple.com Minghao Lin @Y1nKoc Zhejiang Universitybabywu Zhejiang University Zhejiang UniversityXingwei Lin Zhejiang UniversityWang Yu CyberservalGoogle Threat Analysis Group Desmond Trend Micro Zero Day InitiativePwn2car & Rotiple (HyeongSeok Jang) Trend Micro Zero Day InitiativeCVE-2025-24085 Kirin @Pwnrin Matej Moravec @MacejkoMoravec Arsenii Kostromin (0x3c3e) Joshua Jones DongJun Kim @smlijun JongSeong Kim in Enki WhiteHat @nevul37 D4m0n Joseph Ravichandran @0xjprx MIT CSAILan anonymous researcher pattern-f @pattern_F_ Michael (Biscuit) Thomas @social.lol) @biscuit 云散 Mickey Jin @patch1t Pedro Tôrres @t0rr3sp3dr0 Josh Parnham @joshparnham 神罚 @Pwnrin @RenwaX23 Michael DePlante @izobashi Trend Micro Zero Day InitiativeZhongquan Li @Guluisacat Hossein Lotfi @hosselot Trend Micro Zero Day InitiativeRodolphe BRUNETTI @eisw0lf Lupus NovaYann GASCUEL Alter SolutionsAdam M. Q1IQ @q1iqF NUS CuriOSityP1umer @p1umer Imperial Global Singaporelinjy HKUS3Labchluo WHUSecLabJohan Carlsson (joaxcar) PixiePoint Security Bohdan Stasiuk @Bohdan_Stasiuk Uri Katz (Oligo Security)

Affected Software	Affected Version	How to fix
macOS	<15.3
macOS	<15.3	15.3

Never miss a vulnerability like this again

Reference Links

https://support.apple.com/en-us/122068 (Advisory)

Parent vulnerabilities

(Appears in the following advisories)

APPLE-122068

Peer vulnerabilities

(Found alongside the following vulnerabilities)

CVE-2025-24126
CVE-2025-24129
CVE-2025-24131
CVE-2025-24177
CVE-2025-24137
CVE-2025-24087
CVE-2025-24112
CVE-2025-24100
CVE-2025-24109
CVE-2025-24114
CVE-2025-24121
CVE-2025-24122
CVE-2025-24127
CVE-2025-24106
CVE-2025-24160
CVE-2025-24161
CVE-2025-24163
CVE-2025-24123
CVE-2025-24124
CVE-2025-24085
CVE-2025-24102
CVE-2025-24134
CVE-2025-24140
CVE-2025-24174
CVE-2025-24086
CVE-2025-24118
CVE-2025-24107
CVE-2025-24159
CVE-2025-24094
CVE-2025-24115
CVE-2025-24116
CVE-2025-24117
CVE-2025-24136
CVE-2025-24101
CVE-2025-24096
CVE-2025-24099
CVE-2025-24130
CVE-2025-24169
CVE-2025-24146
CVE-2025-24128
CVE-2025-24113
CVE-2025-24149
CVE-2025-24103
CVE-2025-24108
CVE-2025-24139
CVE-2025-24151
CVE-2025-24152
CVE-2025-24153
CVE-2025-24138
CVE-2025-24176
CVE-2025-24135
CVE-2025-24145
CVE-2025-24092
CVE-2025-24154
CVE-2025-24143
CVE-2025-24158
CVE-2025-24162
CVE-2025-24150
CVE-2025-24120
CVE-2025-24156

Frequently Asked Questions

What is the severity of CVE-2025-24134?
The severity of CVE-2025-24134 is classified as high due to potential exploitation of the vulnerabilities in AirPlay.
How do I fix CVE-2025-24134?
To fix CVE-2025-24134, ensure that you update your Apple macOS Sequoia to version 15.3 or later.
What vulnerabilities does CVE-2025-24134 address?
CVE-2025-24134 addresses multiple vulnerabilities including null pointer dereference, type confusion, and input validation issues in AirPlay.
Which operating systems are affected by CVE-2025-24134?
CVE-2025-24134 primarily affects Apple macOS Sequoia up to version 15.3.
What are the potential impacts of CVE-2025-24134?
The potential impacts of CVE-2025-24134 include information disclosure and the potential for code execution due to memory handling issues.

agent/references
agent/type
agent/severity
agent/source
agent/first-publish-date
agent/description
agent/event
agent/author
agent/softwarecombine
agent/tags
collector/mitre-cve
source/MITRE
collector/nvd-api
source/NVD
agent/last-modified-date
agent/weakness
agent/epss
collector/epss-latest
source/FIRST
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
collector/apple-support
source/Apple
alias/CVE-2025-24100
alias/CVE-2025-24109
alias/CVE-2025-24114
alias/CVE-2025-24121
alias/CVE-2025-24122
alias/CVE-2025-24127
alias/CVE-2025-24106
alias/CVE-2025-24160
alias/CVE-2025-24161
alias/CVE-2025-24163
alias/CVE-2025-24123
alias/CVE-2025-24124
alias/CVE-2025-24085
alias/CVE-2025-24102
alias/CVE-2025-24134
alias/CVE-2025-24140
alias/CVE-2025-24174
alias/CVE-2025-24086
alias/CVE-2025-24118
alias/CVE-2025-24107
alias/CVE-2025-24159
alias/CVE-2025-24094
alias/CVE-2025-24115
alias/CVE-2025-24116
alias/CVE-2025-24117
alias/CVE-2025-24136
alias/CVE-2025-24101
alias/CVE-2025-24096
alias/CVE-2025-24099
alias/CVE-2025-24130
alias/CVE-2025-24169
alias/CVE-2025-24146
alias/CVE-2025-24128
alias/CVE-2025-24113
alias/CVE-2025-24149
alias/CVE-2025-24103
alias/CVE-2025-24108
alias/CVE-2025-24139
alias/CVE-2025-24151
alias/CVE-2025-24152
alias/CVE-2025-24153
alias/CVE-2025-24138
alias/CVE-2025-24176
alias/CVE-2025-24135
alias/CVE-2025-24145
alias/CVE-2025-24092
alias/CVE-2025-24154
alias/CVE-2025-24143
alias/CVE-2025-24158
alias/CVE-2025-24162
alias/CVE-2025-24150
alias/CVE-2025-24120
alias/CVE-2025-24156
alias/CVE-2025-24131
alias/CVE-2025-24177
alias/CVE-2025-24137
alias/CVE-2025-24087
alias/CVE-2025-24112
alias/CVE-2025-24129
vendor/apple
canonical/macos