Apple iOS and iPadOS Buffer Overflow Vulnerability in Telephony Framework Allowing Kernel Memory Corruption

Vulnerability

A buffer overflow vulnerability has been identified in the Telephony framework of Apple iOS and iPadOS. This issue allows a remote user to cause unexpected system termination or corrupt kernel memory. The vulnerability has been addressed with improved bounds checking and affects iOS devices including iPhone 11 and later, various iPad Pro models, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later.

Impact

Exploitation of this vulnerability can lead to unexpected system termination or corruption of kernel memory.

Remediation

Users can update to iOS 26.4 or iPadOS 26.4 to address this vulnerability.

Added: Mar 25, 2026, 1:56 AM
Updated: Mar 25, 2026, 1:56 AM

Vulnerability Rating

Custom Algorithm

spread: 8.4
impact: 5.0
exploitability: 4.7
remediation: 7.7
relevance: 4.6
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.