SUSE-SU-2026:0377-1

Published: 04 Feb 2026
Source: suse-cvrf

Description

Security update for libheif

This update for libheif fixes the following issues:

  • CVE-2025-68431: Fixed heap buffer over-read in HeifPixelImage::overlay() via crafted HEIF that exercises the overlay image item (bsc#1255735)

Package list

openSUSE Leap 15.6
gdk-pixbuf-loader-libheif-1.12.0-150400.3.17.1
libheif-devel-1.12.0-150400.3.17.1
libheif1-1.12.0-150400.3.17.1
libheif1-32bit-1.12.0-150400.3.17.1

Description

libheif is an HEIF and AVIF file format decoder and encoder. Prior to version 1.21.0, a crafted HEIF that exercises the overlay image item path triggers a heap buffer over-read in `HeifPixelImage::overlay()`. The function computes a negative row length (likely from an unclipped overlay rectangle or invalid offsets), which then underflows when converted to `size_t` and is passed to `memcpy`, causing a very large read past the end of the source plane and a crash. Version 1.21.0 contains a patch. As a workaround, avoid decoding images using `iovl` overlay boxes.
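
The signed-to-`size_t` underflow described above, next to a clipped copy that rejects off-canvas overlays. This is an added illustration, not libheif's code or its 1.21.0 patch; `plane_t`, `unclipped_row_len` and `overlay_clipped` are hypothetical names, and the planes in `main` are constructed sample data.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical 8-bit plane type for this example; not libheif's data structure. */
typedef struct { int w, h; size_t stride; uint8_t *px; } plane_t;

/* Flawed pattern: the row length is trimmed at the right canvas edge only, in
 * signed int. Returns the byte count memcpy would receive after conversion. */
size_t unclipped_row_len(int overlay_w, int canvas_w, int dx)
{
    int len = overlay_w;
    if (dx + overlay_w > canvas_w)
        len = canvas_w - dx;      /* negative once dx lies past the canvas */
    return (size_t)len;           /* -1 becomes SIZE_MAX */
}

/* Hardened pattern: intersect the overlay rectangle with the canvas in 64-bit
 * signed arithmetic and copy nothing when the intersection is empty.
 * Assumes stride >= w for both planes. Returns the number of bytes copied. */
size_t overlay_clipped(plane_t *canvas, const plane_t *ov, int dx, int dy)
{
    int64_t x0 = dx < 0 ? 0 : dx, y0 = dy < 0 ? 0 : dy;
    int64_t x1 = (int64_t)dx + ov->w, y1 = (int64_t)dy + ov->h;
    if (x1 > canvas->w) x1 = canvas->w;
    if (y1 > canvas->h) y1 = canvas->h;
    if (x1 <= x0 || y1 <= y0)
        return 0;                 /* overlay entirely off-canvas */

    size_t row = (size_t)(x1 - x0), copied = 0;
    for (int64_t y = y0; y < y1; y++) {
        const uint8_t *src = ov->px + (size_t)(y - dy) * ov->stride + (size_t)(x0 - dx);
        uint8_t *dst = canvas->px + (size_t)y * canvas->stride + (size_t)x0;
        memcpy(dst, src, row);
        copied += row;
    }
    return copied;
}

int main(void)
{
    uint8_t cbuf[8 * 8] = {0}, obuf[4 * 4];   /* constructed sample planes */
    memset(obuf, 0xAB, sizeof obuf);
    plane_t canvas = {8, 8, 8, cbuf}, ov = {4, 4, 4, obuf};
    printf("unclipped length at dx=9: %zu\n", unclipped_row_len(4, 8, 9));
    printf("clipped copy at dx=9:     %zu bytes\n", overlay_clipped(&canvas, &ov, 9, 0));
    printf("clipped copy at (6,6):    %zu bytes\n", overlay_clipped(&canvas, &ov, 6, 6));
    return 0;
}
```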


Affected products
openSUSE Leap 15.6:gdk-pixbuf-loader-libheif-1.12.0-150400.3.17.1
openSUSE Leap 15.6:libheif-devel-1.12.0-150400.3.17.1
openSUSE Leap 15.6:libheif1-1.12.0-150400.3.17.1
openSUSE Leap 15.6:libheif1-32bit-1.12.0-150400.3.17.1

References