Meta Issues Urgent Warning on FreeType Vulnerability (CVE-2025-27363) with Active Exploitation Risk
Meta has issued an urgent alert about a critical vulnerability (CVE-2025-27363) in the FreeType library, which could allow remote code execution due to an out-of-bounds write flaw. This vulnerability affects FreeType versions 2.13.0 and earlier, and may already be actively exploited. Users are strongly advised to update to FreeType version 2.13.3 to protect against potential attacks. Several Linux distributions, including Ubuntu, Debian, and CentOS, are vulnerable to this flaw.

Meta Alerts on Actively Exploited Security Flaw in FreeType Library (CVE-2025-27363)
Meta has raised an urgent alert about a critical security vulnerability found in the FreeType open-source font rendering library. The flaw, identified as CVE-2025-27363, carries a CVSS score of 8.1, signaling its high severity. Meta's warning indicates that this vulnerability may already be under active exploitation by attackers.
The issue stems from an out-of-bounds write in FreeType versions 2.13.0 and earlier. It is triggered when FreeType parses font subglyph structures related to TrueType GX and variable font files. According to Meta's security advisory, the vulnerable code assigns a signed short value to an unsigned long, which causes an integer overflow. The overflow results in the allocation of an undersized heap buffer, after which the code writes up to six long integers beyond the end of that buffer, which could potentially lead to arbitrary code execution.
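The size-calculation defect described above, modelled in C as an added example (this is not FreeType's code; the function names and the FIXED_SLOTS constant are hypothetical): a negative signed short assigned to an unsigned long becomes a huge value, the subsequent addition wraps, and the buffer ends up smaller than the fixed number of writes that follow. The hardened variant rejects negative counts and checks the size arithmetic before allocating.

```c
/* Illustrative model of the bug class in the advisory: signed short assigned
 * to unsigned long, then added to a fixed value so the size wraps around.
 * NOT FreeType's code; names and the constant below are hypothetical. */
#include <limits.h>
#include <stdio.h>

#define FIXED_SLOTS 4UL   /* hypothetical number of long slots always written */

/* Vulnerable pattern: a negative count read from the font becomes a huge
 * unsigned value, the addition wraps (well-defined for unsigned in C), and
 * the allocation is far smaller than the FIXED_SLOTS writes require. */
unsigned long vulnerable_alloc_bytes(short n_points)
{
    unsigned long count = n_points;               /* -3 -> ULONG_MAX - 2 */
    return (count + FIXED_SLOTS) * sizeof(long);  /* wraps to a single slot */
}

/* How many long slots the fixed writes would land past the end of the buffer. */
unsigned long vulnerable_oob_slots(short n_points)
{
    unsigned long slots = vulnerable_alloc_bytes(n_points) / sizeof(long);
    return slots < FIXED_SLOTS ? FIXED_SLOTS - slots : 0;
}

/* Hardened pattern: reject negative counts before the conversion and make
 * sure (count + FIXED_SLOTS) * sizeof(long) cannot overflow.
 * Returns the byte size, or 0 if the count is rejected. */
unsigned long safe_alloc_bytes(short n_points)
{
    if (n_points < 0)
        return 0;                                 /* untrusted count must be non-negative */
    unsigned long count = (unsigned long)n_points;
    if (count > ULONG_MAX / sizeof(long) - FIXED_SLOTS)
        return 0;                                 /* size arithmetic would overflow */
    return (count + FIXED_SLOTS) * sizeof(long);
}

int main(void)
{
    printf("vulnerable, n=-3: %lu bytes, %lu slots out of bounds\n",
           vulnerable_alloc_bytes(-3), vulnerable_oob_slots(-3));
    printf("safe, n=-3: %lu bytes (0 = rejected)\n", safe_alloc_bytes(-3));
    printf("safe, n=10: %lu bytes\n", safe_alloc_bytes(10));
    return 0;
}
```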
Although Meta has not disclosed specifics about the nature of the attacks, it acknowledged that the flaw "may have been exploited in the wild." This warning suggests that threat actors may already be taking advantage of the vulnerability in real-world attacks.
The vulnerability is absent in FreeType versions released after 2.13.0, with subsequent updates addressing the issue. However, many widely used Linux distributions continue to ship outdated versions of the library, leaving them exposed to potential attacks. Affected distributions include:
- AlmaLinux
- Alpine Linux
- Amazon Linux 2
- Debian stable / Devuan
- RHEL / CentOS Stream / AlmaLinux (versions 8 and 9)
- GNU Guix
- Mageia
- OpenMandriva
- openSUSE Leap
- Slackware
- Ubuntu 22.04
Security experts are urging users to immediately upgrade to FreeType version 2.13.3 or higher to protect their systems from exploitation. Updating to this version is crucial for mitigating the risk of remote code execution and securing systems that depend on FreeType for font rendering.
Meta's advisory emphasizes the need for prompt action to avoid the potentially severe consequences of this vulnerability, which is already being exploited in the wild. Users should act swiftly to ensure their systems are protected by the latest security fixes.