vulnerability

Alpine Linux: CVE-2025-27363: Out-of-bounds Write

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
9	(AV:N/AC:M/Au:N/C:C/I:C/A:C)	Mar 11, 2025	Aug 8, 2025	Dec 22, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:C/I:C/A:C)

Published

Mar 11, 2025

Added

Aug 8, 2025

Modified

Dec 22, 2025

Description

An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value causing it to wrap around and allocate too small of a heap buffer. The code then writes up to 6 signed long integers out of bounds relative to this buffer. This may result in arbitrary code execution. This vulnerability may have been exploited in the wild.

Solution

alpine-linux-upgrade-freetype

References

CVE-2025-27363
https://attackerkb.com/topics/CVE-2025-27363
URL-https://security.alpinelinux.org/vuln/CVE-2025-27363
CWE-787

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today