freetype-2.10.4-9.el9.ML.2
Errata ID: AXSA:2025-9776:01
Release date:
2025/03/19 Wednesday - 14:10
Title:
freetype-2.10.4-9.el9.ML.2
Affected channels:
MIRACLE LINUX 9 for x86_64
Severity:
High
Description:
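The following issues have been addressed.
[Security Fix]
- FreeType has an out-of-bounds memory write issue caused by confusion of
integer signedness and type, which allows a remote attacker to execute
arbitrary code via the parsing of subglyph structures related to
TrueType GX and variable font files. (CVE-2025-27363)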
Solution:
Update the packages.
CVE:
CVE-2025-27363
An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value causing it to wrap around and allocate too small of a heap buffer. The code then writes up to 6 signed long integers out of bounds relative to this buffer. This may result in arbitrary code execution. This vulnerability may have been exploited in the wild.
Additional information:
N/A
Download:
SRPMS
- freetype-2.10.4-9.el9.ML.2.src.rpm
MD5: 2a11efb7cd4e9048bfb1e65cb9e0b213
SHA-256: 629a40129d39664f88dfc1c6a5e780551b63d9282c43a11c0f71d594ee739fb1
Size: 4.55 MB
Asianux Server 9 for x86_64
- freetype-2.10.4-9.el9.ML.2.i686.rpm
MD5: 8cc4c655f74ef590233b398344cac4d8
SHA-256: 0e1ea262b2b83cf901e833fcea4eeaa6034010e039006e231f919e1f6530252e
Size: 394.65 kB
- freetype-2.10.4-9.el9.ML.2.x86_64.rpm
MD5: c38814cbfa68aeb685beaa62898ea074
SHA-256: 2d3df03b4cc9b3c023bfa155f6ad7bfa16e2801e5fe3cbc04cfa54c44dd8439c
Size: 385.91 kB
- freetype-devel-2.10.4-9.el9.ML.2.i686.rpm
MD5: 7740d238a9bb166c2e13d7ab97500972
SHA-256: 3258e6725743291a3268db5043b5d68759aa79188bc741c861b67f664d71cc41
Size: 1.10 MB
- freetype-devel-2.10.4-9.el9.ML.2.x86_64.rpm
MD5: 91da5bcba6478acb27efc4ed9e226fa5
SHA-256: a0608c87127310c8694b6fc83132c3ea9128aeb68893b5ab5914afee14d9463c
Size: 1.10 MB