High severity8.1NVD Advisory· Published Feb 29, 2024· Updated Apr 15, 2026

CVE-2024-25262

Description

texlive-bin commit c515e was discovered to contain heap buffer overflow via the function ttfLoadHDMX:ttfdump. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted TTF file.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

bugs.launchpad.net/ubuntu/+source/texlive-bin/+bug/2047912nvd
lists.debian.org/debian-lts-announce/2024/10/msg00032.htmlnvd
tug.org/svn/texlive/trunk/Build/source/texk/ttfdump/ChangeLognvd

News mentions

No linked articles in our index yet.

cvss	0.526
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000