Meta Warns of Actively Exploited Flaw in FreeType Library
In a recent advisory, Meta warned of a serious vulnerability in the widely used FreeType font-rendering library and stated that it may have been exploited in the wild.
The vulnerability, tracked as CVE-2025-27363 and rated High severity (CVSS base score 8.1), is an out-of-bounds write that affects FreeType versions 2.13.0 and below. It is triggered when parsing font subglyph structures related to TrueType GX and variable font files, so a malicious font file is sufficient to reach the bug.
According to Meta's advisory, the vulnerable code assigns a signed short value to an unsigned long integer and then adds a static value. For a negative short, the sign-extended value wraps around when the constant is added, and the resulting small count is used to allocate an undersized heap buffer. The code then writes up to six signed long integers out of bounds relative to that buffer, which may lead to arbitrary code execution in the process that loaded the font.
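The following C program is an added illustration of the bug class the advisory describes; it is not FreeType's code and not part of Meta's advisory. It models a loader that reads a signed 16-bit count from a font record, widens it to unsigned long, adds a constant (`PHANTOM`, a hypothetical stand-in for the "static value" the advisory mentions) to size a heap buffer, and then writes entries using signed indices. The buffer is bounds-tracked so the simulation counts stray writes instead of corrupting the heap, and a hardened sizing routine shows the check that prevents the wrap.

```c
#include <stdio.h>
#include <stdlib.h>
#include <limits.h>

/* Hypothetical constant standing in for the "static value" added to the
 * count; the real number used by FreeType is not stated on this page. */
#define PHANTOM 6

/* The flawed sizing: a signed short widened into an unsigned long, plus a
 * constant. For a small negative n the sign-extended value wraps back to a
 * tiny count, so the allocation is far smaller than the later writes assume. */
unsigned long wrapped_count(short n)
{
    unsigned long count = n;     /* n = -2 sign-extends to ULONG_MAX - 1 */
    count += PHANTOM;            /* ... and wraps around to 4 */
    return count;
}

/* Hardened sizing: a negative count is a malformed file, not a huge one, so
 * reject it before widening. Returns the element count, or -1 if rejected.
 * With n <= SHRT_MAX the addition cannot overflow a long. */
long checked_count(short n)
{
    if (n < 0)
        return -1;
    return (long)n + PHANTOM;
}

/* Bounds-tracking buffer: out-of-range writes are counted, not performed. */
typedef struct {
    long *data;
    unsigned long cap;
    unsigned long oob_writes;
} tracked_buf;

static void tracked_put(tracked_buf *b, long idx, long value)
{
    if (idx >= 0 && (unsigned long)idx < b->cap)
        b->data[idx] = value;
    else
        b->oob_writes++;
}

/* Simulates the flawed loader: size the buffer with wrapped_count(), write n
 * real entries, then PHANTOM trailing entries at signed index n + i, as a
 * loader that trusts the file's count would. Returns how many writes landed
 * outside the allocation (constructed scenario, not FreeType's layout). */
unsigned long oob_writes_for(short n)
{
    unsigned long cap = wrapped_count(n);
    tracked_buf b = { calloc(cap ? cap : 1, sizeof(long)), cap, 0 };
    if (!b.data)
        return 0;                /* absurd size: allocation fails, no write */
    for (long i = 0; i < n; i++)
        tracked_put(&b, i, i);
    for (long i = 0; i < PHANTOM; i++)
        tracked_put(&b, (long)n + i, -1);
    free(b.data);
    return b.oob_writes;
}

int main(void)
{
    short samples[] = { 3, -2, -5 };
    for (size_t k = 0; k < sizeof samples / sizeof samples[0]; k++) {
        short n = samples[k];
        printf("n=%d wrapped=%lu checked=%ld oob_writes=%lu\n",
               n, wrapped_count(n), checked_count(n), oob_writes_for(n));
    }
    return 0;
}
```

With a positive count the allocation covers every write; with a count of -2 the wrapped size is 4 elements while the trailing writes start at index -2, so two of them land outside the buffer, and with -5 five do. The hardened version refuses the negative count before any arithmetic is done, which is the shape of check a reviewer should look for wherever a file-supplied signed value feeds an unsigned size computation.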
The bug was fixed in FreeType 2.13.1, so versions after 2.13.0 are not affected, but several Linux distributions still ship older library packages that remain vulnerable.
Some of the impacted Linux distributions include [list the affected distros]. Given the reported exploitation, users and administrators should update to the latest FreeType release, 2.13.3, as soon as possible, and should also check applications that bundle their own copy of FreeType rather than linking the system package, since those are not fixed by a distribution update.
The advisory is a reminder to keep software up to date and to track vulnerability disclosures from reputable sources, such as the upstream project, Meta's advisory, and Linux distribution maintainers.
Because exploitation has been reported, this advisory should be treated as a call to immediate action: prioritizing the FreeType update limits the window in which a malicious font can be used against unpatched systems.