| Reporter | Title | Published | Views | Family All 38 |
|---|---|---|---|---|
| CVE-2025-59733 | 6 Oct 202508:09 | – | alpinelinux | |
| Astra Linux – Vulnerability in ffmpeg5 | 19 Jun 202611:10 | – | astralinux | |
| The vulnerability of the dwa_uncompress() function in the OpenEXR File Decoder component of the FFmpeg multimedia library allows a malicious actor to execute arbitrary code. | 10 Oct 202500:00 | – | bdu_fstec | |
| CVE-2025-59733 vulnerabilities | 2 Feb 202613:17 | – | cgr | |
| CVE-2025-59733 | 6 Oct 202513:56 | – | circl | |
| OpenEXR 安全漏洞 | 6 Oct 202500:00 | – | cnnvd | |
| OpenEXR has an unspecified vulnerability (CNVD-2025-24791) | 21 Oct 202500:00 | – | cnvd | |
| CVE-2025-59733 | 6 Oct 202508:09 | – | cve | |
| CVE-2025-59733 Heap-buffer-overflow write in FFmpeg EXR dwa_uncompress | 6 Oct 202508:09 | – | cvelist | |
| CVE-2025-59733 | 6 Oct 202508:09 | – | debiancve |
| Source | Link |
|---|---|
| ubuntu | www.ubuntu.com/security/CVE-2025-59733 |
| cve | www.cve.mitre.org/cgi-bin/cvename.cgi |
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(269316);
script_version("1.9");
script_set_attribute(attribute:"plugin_modification_date", value:"2026/03/20");
script_cve_id("CVE-2025-59733");
script_name(english:"Linux Distros Unpatched Vulnerability : CVE-2025-59733");
script_set_attribute(attribute:"synopsis", value:
"The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be
patched.");
script_set_attribute(attribute:"description", value:
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied
patch available.
- When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption that all
image channels have the same pixel type (and size), and that if there are four channels, the first four
are B, G, R and A. The channel parsing code can be found in decode_header. The buffer
td->uncompressed_data is allocated in decode_block based on the xsize, ysize and computed
current_channel_offset. The function dwa_uncompress then assumes at [5] that if there are 4 channels,
these are B, G, R and A, and in the calculations at [6] and [7] that all channels are of the same
type, which matches the type of the main color channels. If we set the main color channels to a 4-byte
type and add duplicate or unknown channels of the 2-byte EXR_HALF type, then the addition at [7] will
increment the pointer by 4-bytes * xsize * nb_channels, which will exceed the allocated buffer. We
recommend upgrading to version 8.0 or beyond. (CVE-2025-59733)
Note that Nessus relies on the presence of the package as reported by the vendor.");
script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/CVE-2025-59733");
script_set_attribute(attribute:"solution", value:
"There is no known solution at this time.");
script_set_attribute(attribute:"agent", value:"unix");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:U/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:U/RC:C");
script_set_attribute(attribute:"cvss4_vector", value:"CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N");
script_set_attribute(attribute:"cvss4_threat_vector", value:"CVSS:4.0/E:U");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2025-59733");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vendor_unpatched", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2025/10/06");
script_set_attribute(attribute:"plugin_publication_date", value:"2025/10/08");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:14.04:-:lts");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:25.04");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:ffmpeg");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libav");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Misc.");
script_copyright(english:"This script is Copyright (C) 2025-2026 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info2.nasl", "set_linux_os_id.nasl");
script_require_keys("Host/cpu", "Host/local_checks_enabled", "global_settings/vendor_unpatched", "Host/OS/identifier");
script_require_ports("Host/OS/Ubuntu Linux-14.04", "Host/OS/Ubuntu Linux-25.04");
exit(0);
}
if (!get_kb_item("global_settings/vendor_unpatched")) exit(0, "Unpatched Vulnerabilities Detection not active.");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (empty_or_null(get_one_kb_item("Host/Debian/dpkg-l"))) audit(AUDIT_PACKAGE_LIST_MISSING);
include('linux_unpatched.inc');
var distro_constraints_array = {
"Ubuntu Linux-14.04": {
"package_manager": "dpkg-l",
"constraints": [
{
"release": "14.04",
"pkgs": [
{"reference": "libav"}
]
}
]
},
"Ubuntu Linux-25.04": {
"package_manager": "dpkg-l",
"constraints": [
{
"release": "25.04",
"pkgs": [
{"reference": "ffmpeg"}
]
}
]
}
};
var distro_constraints_values = linux_unpatched::get_distro_constraints(distro_constraints_arr:distro_constraints_array);
if (empty_or_null(distro_constraints_values)) audit(AUDIT_HOST_NOT, 'affected');
var report = linux_unpatched::check_unpatched_constraints(distro_constraints_values:distro_constraints_values);
if (!empty_or_null(report))
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : report
);
exit(0);
}
else
{
audit(AUDIT_HOST_NOT, 'affected');
}
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation