ZDI-25-166: Apple macOS libFontParser Glyph Mapping Out-Of-Bounds Read Information Disclosure Vulnerability

Read Time:16 Second

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the libFontParser library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The ZDI has assigned a CVSS rating of 3.3. The following CVEs are assigned: CVE-2024-54486.

USN-7463-1: Linux kernel (IBM) vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could...

April 24, 2025

xz-5.8.1-2.fc42

FEDORA-2025-7f00e5e744 Packages in this update: xz-5.8.1-2.fc42 Update description: New upstream version 5.8.1 (with a rebuild to try and fix a...

April 24, 2025

USN-7462-2: Linux kernel (AWS FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

April 24, 2025

USN-7462-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

April 24, 2025

USN-7461-2: Linux kernel (FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

April 24, 2025

USN-7461-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

April 24, 2025

Blue Shield of California Data Breach Affects 4.7 Million Members

Highest-Risk Security Flaw Found in Commvault Backup Solutions

Verizon DBIR: Small Businesses Bearing the Brunt of Ransomware Attacks

Ransomware Attacks Fall Sharply in March

ETSI Unveils New Baseline Requirements for Securing AI

Ofcom Lays Down the Law with Child Safety Rules for Tech Giants

Smashing Security podcast #414: Zoom.. just one click and your data goes boom!

From Fast to Smart: Rethinking Incident Response Metrics

DOGE Worker’s Code Supports NLRB Whistleblower

ZDI-25-166: Apple macOS libFontParser Glyph Mapping Out-Of-Bounds Read Information Disclosure Vulnerability

USN-7463-1: Linux kernel (IBM) vulnerabilities

xz-5.8.1-2.fc42

USN-7462-2: Linux kernel (AWS FIPS) vulnerabilities

USN-7462-1: Linux kernel vulnerabilities

USN-7461-2: Linux kernel (FIPS) vulnerabilities

USN-7461-1: Linux kernel vulnerabilities