Описание
ELSA-2025-14683: gdk-pixbuf2 security update (MODERATE)
[2.36.12-3.0.1]
- jpeg: Be more careful with chunked icc data [Orabug: 38359772][CVE-2025-7345]
Обновленные пакеты
Oracle Linux 7
Oracle Linux x86_64
gdk-pixbuf2
2.36.12-3.0.1.el7
gdk-pixbuf2-devel
2.36.12-3.0.1.el7
gdk-pixbuf2-tests
2.36.12-3.0.1.el7
Связанные CVE
Связанные уязвимости
A flaw exists in gdk‑pixbuf within the gdk_pixbuf__jpeg_image_load_increment function (io-jpeg.c) and in glib’s g_base64_encode_step (glib/gbase64.c). When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory, potentially causing application crashes or arbitrary code execution.
A flaw exists in gdk‑pixbuf within the gdk_pixbuf__jpeg_image_load_increment function (io-jpeg.c) and in glib’s g_base64_encode_step (glib/gbase64.c). When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory, potentially causing application crashes or arbitrary code execution.
A flaw exists in gdk‑pixbuf within the gdk_pixbuf__jpeg_image_load_increment function (io-jpeg.c) and in glib’s g_base64_encode_step (glib/gbase64.c). When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory, potentially causing application crashes or arbitrary code execution.
A flaw exists in gdk\u2011pixbuf within the gdk_pixbuf__jpeg_image_loa ...