← Back to CVEs
CVE-2025-27363
HIGHCISA KEV8.1
Description
An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value causing it to wrap around and allocate too small of a heap buffer. The code then writes up to 6 signed long integers out of bounds relative to this buffer. This may result in arbitrary code execution. This vulnerability may have been exploited in the wild.
CVE Details
CVSS v3.1 Score8.1
SeverityHIGH
CVSS VectorCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack VectorNETWORK
ComplexityHIGH
Privileges RequiredNONE
User InteractionNONE
Published3/11/2025
Last Modified4/20/2026
Sourcekev
Honeypot Sightings0
CISA KEV
VendorFreeType
ProductFreeType
Vulnerability NameFreeType Out-of-Bounds Write Vulnerability
KEV Date Added2025-05-06
Remediation Due Date2025-05-27
Ransomware UseUnknown
Affected Products
debian:debian_linuxfreetype:freetype
Weaknesses (CWE)
CWE-787
References
https://www.facebook.com/security/advisories/cve-2025-27363(cve-assign@fb.com)
http://www.openwall.com/lists/oss-security/2025/03/13/1(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2025/03/13/11(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2025/03/13/12(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2025/03/13/2(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2025/03/13/3(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2025/03/13/8(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2025/03/14/1(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2025/03/14/2(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2025/03/14/3(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2025/03/14/4(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2025/05/06/3(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2026/04/16/5(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2026/04/19/3(af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2025/03/msg00030.html(af854a3a-2127-422b-91ae-364da2661108)
https://source.android.com/docs/security/bulletin/2025-05-01(134c704f-9b21-4f2e-91b3-4a467353bcc0)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-27363(134c704f-9b21-4f2e-91b3-4a467353bcc0)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.