CVE-2025-47868

Source
https://nvd.nist.gov/vuln/detail/CVE-2025-47868
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-47868.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-47868
Published
2025-06-16T11:15:18Z
Modified
2025-06-18T10:58:47.462209Z
Summary
[none]
Details

An Out-of-bounds Write, resulting in a possible Heap-based Buffer Overflow, was discovered in the tools/bdf-converter font conversion utility that is part of the Apache NuttX RTOS repository. This standalone program is optional and is part of neither the NuttX RTOS nor the Applications runtime, but active bdf-converter users may be affected when the tool is exposed to externally provided user data (i.e. publicly available automation).

This issue affects Apache NuttX: from 6.9 before 12.9.0.

Users are recommended to upgrade to version 12.9.0, which fixes the issue.

References

Affected packages

Git / github.com/apache/incubator-nuttx

Affected ranges

Type
GIT
Repo
https://github.com/apache/incubator-nuttx
Events

Affected versions

nuttx-12.*

nuttx-12.9.0-RC0

nuttx-6.*

nuttx-6.10
nuttx-6.11
nuttx-6.12
nuttx-6.13
nuttx-6.14
nuttx-6.15
nuttx-6.16
nuttx-6.17
nuttx-6.18
nuttx-6.19
nuttx-6.20
nuttx-6.21
nuttx-6.22
nuttx-6.23
nuttx-6.24
nuttx-6.25
nuttx-6.26
nuttx-6.27
nuttx-6.28
nuttx-6.29
nuttx-6.30
nuttx-6.31
nuttx-6.32
nuttx-6.33
nuttx-6.9

nuttx-7.*

nuttx-7.1
nuttx-7.10
nuttx-7.11
nuttx-7.12
nuttx-7.13
nuttx-7.14
nuttx-7.15
nuttx-7.16
nuttx-7.17
nuttx-7.18
nuttx-7.19
nuttx-7.2
nuttx-7.20
nuttx-7.21
nuttx-7.22
nuttx-7.23
nuttx-7.24
nuttx-7.25
nuttx-7.26
nuttx-7.27
nuttx-7.28
nuttx-7.29
nuttx-7.3
nuttx-7.30
nuttx-7.31
nuttx-7.4
nuttx-7.5
nuttx-7.6
nuttx-7.7
nuttx-7.8
nuttx-7.9

nuttx-8.*

nuttx-8.1
nuttx-8.2