Almost certainly some kind of zero click/zero user action RCE exploit.

Edit: I should've read, "Impact: Processing a malicious image file may result in memory corruption."

So simply receiving an image via SMS or loading it in some other way likely accomplishes the initial exploit, so yeah, zero click exploit. Always bad.