Google Fixed Actively Exploited Android Flaw CVE-2025-27363
Google has addressed a high-severity vulnerability in its Android operating system, CVE-2025-27363, which was actively exploited in attacks in the wild. The company's monthly security updates for Android patched 46 flaws, including this actively exploited issue. According to the Android Security Bulletin for May 2025, the most severe vulnerability is located in the System component and can lead to local code execution with no additional execution privileges needed.
Successful exploitation of this vulnerability does not require user interaction, making it a highly dangerous threat. The bulletin also notes that there are indications that CVE-2025-27363 may be under limited, targeted exploitation.
A Vulnerability in the FreeType Library
In mid-March, Meta warned about an out-of-bounds write vulnerability, tracked as CVE-2025-27363, in the FreeType library. This issue affects FreeType versions 2.13.0 and below when attempting to parse font subglyph structures related to TrueType GX and variable font files.
The vulnerable code assigns a signed short value to an unsigned long and then adds a static value, causing the result to wrap around so that the code allocates a heap buffer that is too small. The code then writes up to 6 signed long integers out of bounds relative to this buffer, which may result in arbitrary code execution.
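To make the sizing bug concrete, here is an added illustration of the integer-wraparound pattern described above, written for this article and not taken from FreeType's source. The count type, the `EXTRA_BYTES` constant and the function names are assumptions chosen to mirror the description, not FreeType's real identifiers; the hardened variant shows the check that prevents the undersized allocation.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Assumed stand-in for the static value the vulnerable code adds.
   It is a placeholder for illustration, not FreeType's constant. */
#define EXTRA_BYTES 6UL

/* Vulnerable pattern: a signed 16-bit count (e.g. read from a font
   file) is stored in an unsigned long. A negative count becomes a
   value close to ULONG_MAX, and adding a small constant wraps it
   around to a tiny size, so the later heap allocation is too small
   for the data the code goes on to write. */
unsigned long buggy_alloc_size(short count)
{
    unsigned long size = count;  /* implicit signed -> unsigned conversion */
    size += EXTRA_BYTES;         /* wraps around for negative counts */
    return size;
}

/* Hardened version: reject negative counts before they reach the
   unsigned conversion, and guard the addition against wraparound.
   Returns false when no safe size can be computed. */
bool safe_alloc_size(short count, unsigned long *out)
{
    if (count < 0)
        return false;
    unsigned long size = (unsigned long)count;
    if (size > ULONG_MAX - EXTRA_BYTES)
        return false;
    *out = size + EXTRA_BYTES;
    return true;
}

int main(void)
{
    /* Constructed sample counts: one ordinary value and two negatives
       of the kind an untrusted font could supply. */
    short samples[] = { 10, -2, -40 };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        unsigned long safe = 0;
        bool ok = safe_alloc_size(samples[i], &safe);
        printf("count=%d buggy_size=%lu safe_ok=%d safe_size=%lu\n",
               samples[i], buggy_alloc_size(samples[i]), ok, safe);
    }
    return 0;
}
```

For `count = -2` the buggy computation yields 4 bytes on both 32-bit and 64-bit targets, while the hardened check rejects the value outright.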
Experts Warn of Vulnerable Linux Distributions
The vulnerability does not impact FreeType versions after 2.13.0. However, multiple Linux distributions are using an outdated library version, making them vulnerable to attacks.
Experts caution that exploitation for many issues on Android is made more difficult by enhancements in newer versions of the Android platform. As a result, they encourage all users to update to the latest version of Android where possible.
Conclusion
Google's monthly security updates have fixed a critical vulnerability in its Android operating system. While the company has not disclosed details on the attacks exploiting this vulnerability, attackers, or attack scale, it is essential for users to stay up-to-date with the latest security patches to protect themselves from potential threats.
Stay Safe Online
Remember to follow best practices for online security and regularly update your devices to ensure you have the latest protection against emerging threats. For more information on Android security updates, visit
Pierluigi Paganini (SecurityAffairs – hacking, Android)