- Description
- An Out-of-bounds Write resulting in a possible Heap-based Buffer Overflow vulnerability was discovered in the tools/bdf-converter font conversion utility that is part of the Apache NuttX RTOS repository. This standalone program is optional and is part of neither the NuttX RTOS nor the Applications runtime, but active bdf-converter users may be affected when this tool is exposed to externally provided user data (i.e. publicly available automation). This issue affects Apache NuttX: from 6.9 before 12.9.0. Users are recommended to upgrade to version 12.9.0, which fixes the issue.
- Source
- security@apache.org
- NVD status
- Analyzed
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- security@apache.org
- CWE-122
- Hype score
- Not currently trending
CVE-2025-47868 Out-of-bounds Write resulting in possible Heap-based Buffer Overflow vulnerability was discovered in tools/bdf-converter font conversion utility that is part of Apach… https://t.co/LAxnDrMsJy
@CVEnew
16 Jun 2025
CVE-2025-47868 CVE-2025-47868 https://t.co/6yRgzSAlnV
@VulmonFeeds
15 Jun 2025
Apache NuttX RTOS CVE-2025-47868: tools/bdf-converter: Out-of-bounds Write resulting in possible Heap-based Buffer Overflow https://t.co/Kh2gqflyJM CVE-2025-47869: examples/xmlrpc: Improper Restriction of Operations within the Bounds of a Memory Buffer https://t.co/tOlx8RMb5V
@oss_security
14 Jun 2025
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:nuttx:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0A8286D6-20AD-484E-9FC5-05EC05A33102",
"versionEndExcluding": "12.9.0",
"versionStartIncluding": "6.9"
}
],
"operator": "OR"
}
]
}
]