Description
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From 1.6.51 to 1.6.53, there is a heap buffer over-read in the libpng simplified API function png_image_finish_read when processing interlaced 16-bit PNGs with 8-bit output format and non-minimal row stride. This is a regression introduced by the fix for CVE-2025-65018. This vulnerability is fixed in 1.6.54.
A flaw was found in libpng, a reference library for processing PNG (Portable Network Graphics) image files. A local attacker could exploit a heap buffer over-read vulnerability in the png_image_finish_read function by tricking a user into processing a specially crafted interlaced 16-bit PNG file with an 8-bit output format and non-minimal row stride. This could lead to a denial of service (DoS) and potentially information disclosure.
Statement
This vulnerability is rated Moderate for Red Hat products. A heap buffer over-read flaw exists in the libpng library when processing specially crafted interlaced 16-bit PNG images with 8-bit output format and non-minimal row stride. This issue requires user interaction, as an attacker would need to trick a user into opening a malicious PNG file.
Mitigation
To mitigate this issue, users should avoid opening untrusted PNG image files. Applications that process PNG images should be configured to restrict processing of untrusted or unverified content where possible.
Affected packages
| Platform | Package | State | Advisory | Release |
|---|---|---|---|---|
| Red Hat build of OpenJDK 11 ELS | java-11-openjdk | Affected | | |
| Red Hat build of OpenJDK 11 ELS | java-11-openjdk-portable | Affected | | |
| Red Hat build of OpenJDK 11 ELS | java-21-openjdk-portable | Affected | | |
| Red Hat build of OpenJDK 17 | java-17-openjdk-portable | Affected | | |
| Red Hat build of OpenJDK 17 | java-21-openjdk-portable | Not affected | | |
| Red Hat build of OpenJDK 1.8 | java-1.8.0-openjdk-portable | Affected | | |
| Red Hat build of OpenJDK 21 | java-21-openjdk-portable | Affected | | |
| Red Hat build of OpenJDK 21 | java-21-openjdk-portable-rhel7 | Not affected | | |
| Red Hat build of OpenJDK 25 | java-21-openjdk-vanilla | Not affected | | |
| Red Hat build of OpenJDK 25 | java-25-openjdk-portable | Affected | | |
Source references
Additional information
Status:
EPSS
6.1 Medium
CVSS3
Related vulnerabilities
LIBPNG has a heap buffer over-read in png_image_read_direct_scaled (regression from CVE-2025-65018 fix)
LIBPNG is a reference library for use in applications that read, creat ...
EPSS
6.1 Medium
CVSS3