PT-2025-25489 · Apache · Apache Nuttx
Chánh Phạm · Published 2025-06-14 · Updated 2025-06-16
CVE-2025-47868
CVSS v3.1: 10 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Apache NuttX versions 6.9 through 12.9.0
Description
An Out-of-bounds Write resulting in a possible Heap-based Buffer Overflow issue was discovered in the tools/bdf-converter font conversion utility, which is part of the Apache NuttX RTOS repository. This utility is optional and not part of the NuttX RTOS or Applications runtime. However, active users of bdf-converter may be affected when the tool is exposed to external user data.
Recommendations
For Apache NuttX versions 6.9 through 12.9.0, upgrade to version 12.9.0 to fix the issue.
Fix
Memory Corruption
Heap Based Buffer Overflow
Buffer Overflow
Related Identifiers
Affected Products
Apache Nuttx