#cve-2025-43400

[ follow ]
Apple
fromComputerWeekly.com
2 days ago

Apple's first iOS 26 security update fixes memory corruption flaw | Computer Weekly

iOS 26 update fixes CVE-2025-43400 in Apple FontParser, an out-of-bounds write vulnerability that can cause process memory corruption and enable escalated attacks.
fromSecurityWeek
2 days ago

Apple Updates iOS and macOS to Prevent Malicious Font Attacks

Tracked as CVE-2025-43400, the security defect is described as an out-of-bounds write issue in the operating system's FontParser component that could lead to a denial-of-service (DoS) condition or memory corruption. "Processing a maliciously crafted font may lead to unexpected app termination or corrupt process memory," Apple explains. According to advisories from the Hong Kong CERT and Akaoma Cybersecurity, the vulnerability can be exploited remotely, without privileges, although user interaction is required.
Apple
[ Load more ]