Описание
Security update for libheif
This update for libheif fixes the following issues:
- CVE-2025-68431: heap buffer over-read in
HeifPixelImage::overlay()via crafted HEIF file that exercises the overlay image item path (bsc#1255735).
Список пакетов
openSUSE Leap 16.0
gdk-pixbuf-loader-libheif-1.19.7-160000.3.1
libheif-aom-1.19.7-160000.3.1
libheif-dav1d-1.19.7-160000.3.1
libheif-devel-1.19.7-160000.3.1
libheif-ffmpeg-1.19.7-160000.3.1
libheif-jpeg-1.19.7-160000.3.1
libheif-openjpeg-1.19.7-160000.3.1
libheif-rav1e-1.19.7-160000.3.1
libheif-svtenc-1.19.7-160000.3.1
libheif1-1.19.7-160000.3.1
Ссылки
- SUSE Security Ratings
- SUSE Bug 1255735
- SUSE CVE CVE-2025-68431 page
Описание
libheif is an HEIF and AVIF file format decoder and encoder. Prior to version 1.21.0, a crafted HEIF that exercises the overlay image item path triggers a heap buffer over-read in `HeifPixelImage::overlay()`. The function computes a negative row length (likely from an unclipped overlay rectangle or invalid offsets), which then underflows when converted to `size_t` and is passed to `memcpy`, causing a very large read past the end of the source plane and a crash. Version 1.21.0 contains a patch. As a workaround, avoid decoding images using `iovl` overlay boxes.
Затронутые продукты
openSUSE Leap 16.0:gdk-pixbuf-loader-libheif-1.19.7-160000.3.1
openSUSE Leap 16.0:libheif-aom-1.19.7-160000.3.1
openSUSE Leap 16.0:libheif-dav1d-1.19.7-160000.3.1
openSUSE Leap 16.0:libheif-devel-1.19.7-160000.3.1
Ссылки
- CVE-2025-68431
- SUSE Bug 1255735