ELSA-2025-13315

Опубликовано: 07 авг. 2025

Источник: oracle-oval

Платформа: Oracle Linux 8

Описание

ELSA-2025-13315: gdk-pixbuf2 security update (MODERATE)

[2.36.12-7]

Backport fixes for CVE-2025-7345
Resolves: RHEL-102346

Обновленные пакеты

Oracle Linux 8

Oracle Linux aarch64

gdk-pixbuf2

2.36.12-7.el8_10

gdk-pixbuf2-devel

2.36.12-7.el8_10

gdk-pixbuf2-modules

2.36.12-7.el8_10

gdk-pixbuf2-xlib

2.36.12-7.el8_10

gdk-pixbuf2-xlib-devel

2.36.12-7.el8_10

Oracle Linux x86_64

gdk-pixbuf2

2.36.12-7.el8_10

gdk-pixbuf2-devel

2.36.12-7.el8_10

gdk-pixbuf2-modules

2.36.12-7.el8_10

gdk-pixbuf2-xlib

2.36.12-7.el8_10

gdk-pixbuf2-xlib-devel

2.36.12-7.el8_10

Связанные CVE

CVE-2025-7345

Ссылки на источники

Связанные уязвимости

CVE-2025-7345

CVSS3: 7.5

ubuntu

около 1 месяца назад

A flaw exists in gdk‑pixbuf within the gdk_pixbuf__jpeg_image_load_increment function (io-jpeg.c) and in glib’s g_base64_encode_step (glib/gbase64.c). When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory, potentially causing application crashes or arbitrary code execution.