Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2025-12862

Опубликовано: 05 авг. 2025
Источник: oracle-oval
Платформа: Oracle Linux 10

Описание

ELSA-2025-12862: gdk-pixbuf2 security update (MODERATE)

[2.42.12-4]

  • jpeg: Be more careful with chunked icc data

Обновленные пакеты

Oracle Linux 10

Oracle Linux aarch64

gdk-pixbuf2

2.42.12-4.el10_0

gdk-pixbuf2-devel

2.42.12-4.el10_0

gdk-pixbuf2-modules

2.42.12-4.el10_0

Oracle Linux x86_64

gdk-pixbuf2

2.42.12-4.el10_0

gdk-pixbuf2-devel

2.42.12-4.el10_0

gdk-pixbuf2-modules

2.42.12-4.el10_0

Связанные CVE

CVE-2025-7345

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2025-7345

CVSS3: 7.5
ubuntu
около 1 месяца назад

A flaw exists in gdk‑pixbuf within the gdk_pixbuf__jpeg_image_load_increment function (io-jpeg.c) and in glib’s g_base64_encode_step (glib/gbase64.c). When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory, potentially causing application crashes or arbitrary code execution.

redhat логотип

CVE-2025-7345

CVSS3: 7.5
redhat
около 1 месяца назад

A flaw exists in gdk‑pixbuf within the gdk_pixbuf__jpeg_image_load_increment function (io-jpeg.c) and in glib’s g_base64_encode_step (glib/gbase64.c). When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory, potentially causing application crashes or arbitrary code execution.

nvd логотип

CVE-2025-7345

CVSS3: 7.5
nvd
около 1 месяца назад

A flaw exists in gdk‑pixbuf within the gdk_pixbuf__jpeg_image_load_increment function (io-jpeg.c) and in glib’s g_base64_encode_step (glib/gbase64.c). When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory, potentially causing application crashes or arbitrary code execution.

msrc логотип

CVE-2025-7345

CVSS3: 7.5
msrc
27 дней назад

Описание отсутствует

debian логотип

CVE-2025-7345

CVSS3: 7.5
debian
около 1 месяца назад

A flaw exists in gdk\u2011pixbuf within the gdk_pixbuf__jpeg_image_loa ...