Ubuntu Local Security Checks : Ubuntu: Security Advisory (USN-7352-2)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.1.12.2025.7352.2

Kategorie: Ubuntu Local Security Checks

Titel: Ubuntu: Security Advisory (USN-7352-2)

Zusammenfassung: The remote host is missing an update for the 'freetype' package(s) announced via the USN-7352-2 advisory.

Beschreibung: Summary:
The remote host is missing an update for the 'freetype' package(s) announced via the USN-7352-2 advisory.

Vulnerability Insight:
USN-7352-1 fixed a vulnerability in FreeType. This update provides the
corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. This
update also fixes an additional vulnerability in Ubuntu 14.04 LTS.

Original advisory details:

It was discovered that FreeType incorrectly handled certain memory
operations when parsing font subglyph structures. A remote attacker could
use this issue to cause FreeType to crash, resulting in a denial of
service, or possibly execute arbitrary code. This issue only affected
Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2025-27363)

Additional advisory details:

It was discovered that FreeType incorrectly handled certain memory
operations during typical execution. An attacker could possibly use
this issue to cause FreeType to crash, resulting in a denial of
service. This issue only affected Ubuntu 14.04 LTS. (CVE-2022-27406)

Affected Software/OS:
'freetype' package(s) on Ubuntu 14.04, Ubuntu 16.04, Ubuntu 18.04.

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2022-27406
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/
https://security.gentoo.org/glsa/202402-06
http://freetype.com
https://gitlab.freedesktop.org/freetype/freetype/-/issues/1140
Common Vulnerability Exposure (CVE) ID: CVE-2025-27363

Copyright Copyright (C) 2025 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.1.12.2025.7352.2
Kategorie:	Ubuntu Local Security Checks
Titel:	Ubuntu: Security Advisory (USN-7352-2)
Zusammenfassung:	The remote host is missing an update for the 'freetype' package(s) announced via the USN-7352-2 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'freetype' package(s) announced via the USN-7352-2 advisory. Vulnerability Insight: USN-7352-1 fixed a vulnerability in FreeType. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. This update also fixes an additional vulnerability in Ubuntu 14.04 LTS. Original advisory details: It was discovered that FreeType incorrectly handled certain memory operations when parsing font subglyph structures. A remote attacker could use this issue to cause FreeType to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2025-27363) Additional advisory details: It was discovered that FreeType incorrectly handled certain memory operations during typical execution. An attacker could possibly use this issue to cause FreeType to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2022-27406) Affected Software/OS: 'freetype' package(s) on Ubuntu 14.04, Ubuntu 16.04, Ubuntu 18.04. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2022-27406 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/ https://security.gentoo.org/glsa/202402-06 http://freetype.com https://gitlab.freedesktop.org/freetype/freetype/-/issues/1140 Common Vulnerability Exposure (CVE) ID: CVE-2025-27363
Copyright	Copyright (C) 2025 Greenbone AG