Official Released April 16, 2025

Preface: The Reconfigurable Processing Architecture Core (RPAC) in Apple iOS is a component found in newer Apple Silicon chips. Its major function is to enhance the security and performance of the system by providing a flexible and efficient processing architecture. RPAC is designed to support various computational tasks and can be dynamically reconfigured to optimize performance for different applications.

Background: Arbitrary read and write refer to the ability of an attacker to read from or write to any memory location within a system.

Buffer overflows are a common cause of arbitrary read and write vulnerabilities, but in this CVE, the issue is related to how the RPAC component handles memory and security checks.

RPAC uses PAC to protect against memory corruption attacks. PAC works by cryptographically signing pointers, such as return addresses, to ensure they haven’t been tampered with. This helps prevent unauthorized modifications and ensures the integrity of memory operations.

RPAC performs various security checks to validate memory access and operations. These checks help detect and guard against unexpected changes to pointers and other critical data structures

Vulnerability details: An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS.

Official announcement: Please see the link for details – https://nvd.nist.gov/vuln/detail/CVE-2025-31201