CVE-2022-27405

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions FreeType (affected versions not specified)

Description The issue is related to a segmentation violation via the FNT Size Request function, which can be exploited by a remote attacker to cause a denial of service. Additionally, there is a possible out of bounds read due to a missing bounds check in the ft open face internal function of ftobjs.c, potentially leading to remote information disclosure without requiring additional execution privileges or user interaction.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

ALSA-2022:7745

ALSA-2022:8340

ALT-PU-2022-1636

ALT-PU-2024-14219

ALT-PU-2024-8906

ASB-A-271680254

AZL-9580

BDU:2022-06917

CESA-2022_7745

CVE-2022-27405

INFSA-2022_8340

MGASA-2022-0184

OESA-2022-1655

OPENSUSE-SU-2022_3252-1

OPENSUSE-SU-2024:12395-1

RHSA-2022:7745

RHSA-2022:8340

RHSA-2022_7745

RHSA-2022_8340

RHSA-2024:0420

RLSA-2022:7745

RLSA-2022:8340

SUSE-SU-2022:3252-1

SUSE-SU-2022:3252-2

SUSE-SU-2025:20204-1

USN-5528-1

Affected Products

Alt Linux

Almalinux

Astra Linux

Centos

Freetype

Linuxmint

Red Hat

Rocky Linux

Suse

Ubuntu

CVE-2022-27405

Weakness Enumeration

Related Identifiers

Affected Products

References · 93