Lucene search

5957 matches found

OSV
added 2025/06/20 9:48 a.m. | 9 views

BIT-PYTHON-2025-4516 Use-after-free in "unicode_escape" decoder with error handler

There is an issue in CPython when using bytes.decode("unicode_escape", error="ignore|replace"). If you are not using the "unicode_escape" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the bytes.decode() call in ...

5.9 CVSS | 6.3 AI score | 0.00209 EPSS
Exploits: 0 | References: 13

OSV
added 2025/06/19 8:35 a.m. | 1 view

SUSE-SU-2025:02020-1 Security update for gstreamer-plugins-base

This update for gstreamer-plugins-base fixes the following issues:
- CVE-2024-47538: Fixed stack-buffer overflow in vorbis_handle_identification_packet (bnc#1234415)
- CVE-2024-47600: Fixed out-of-bounds read in gst-discoverer-1.0 commandline tool (bnc#1234453)
- CVE-2024-47615: Fixed out-of-bounds write ...

9.8 CVSS | 7.6 AI score | 0.00448 EPSS
Exploits: 5 | References: 21

SUSE CVE
added 2025/06/19 3:39 a.m. | 3 views

SUSE CVE-2022-50182

In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Align upwards buffer size. The hardware can support any image size WxH, with arbitrary W (image width) and H (image height) dimensions. Align upwards buffer size for both encoder and decoder. and leave the picture...

7.1 CVSS | 6.8 AI score | 0.00067 EPSS
Exploits: 0 | References: 3

NVD
added 2025/06/18 11:15 a.m. | 5 views

CVE-2022-50182

In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Align upwards buffer size. The hardware can support any image size WxH, with arbitrary W (image width) and H (image height) dimensions. Align upwards buffer size for both encoder and decoder. and leave the picture...

7.1 CVSS | 0.00067 EPSS
Exploits: 0 | References: 4

OSV
added 2025/06/18 11:15 a.m. | 5 views

DEBIAN-CVE-2022-50182

In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Align upwards buffer size. The hardware can support any image size WxH, with arbitrary W (image width) and H (image height) dimensions. Align upwards buffer size for both encoder and decoder. and leave the picture...

7.1 CVSS | 6.6 AI score | 0.00067 EPSS
Exploits: 0 | References: 1

Cvelist
added 2025/06/18 11:3 a.m. | 9 views

CVE-2022-50182 media: imx-jpeg: Align upwards buffer size

In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Align upwards buffer size. The hardware can support any image size WxH, with arbitrary W (image width) and H (image height) dimensions. Align upwards buffer size for both encoder and decoder. and leave the picture...

0.00067 EPSS
Exploits: 0 | References: 4

OSV
added 2025/06/18 11:3 a.m. | 5 views

CVE-2022-50182 media: imx-jpeg: Align upwards buffer size

In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Align upwards buffer size. The hardware can support any image size WxH, with arbitrary W (image width) and H (image height) dimensions. Align upwards buffer size for both encoder and decoder. and leave the picture...

7.1 CVSS | 6.5 AI score | 0.00067 EPSS
Exploits: 0 | References: 7

CVE
added 2025/06/18 11:3 a.m. | 19 views

CVE-2022-50182

CVE-2022-50182 concerns a Linux kernel issue in the media: imx-jpeg driver. The flaw involved aligning upwards the buffer size for both encoder and decoder, allowing arbitrary image dimensions (WxH) while leaving the picture resolution unchanged. The documented impact indicates the decoder risk o...

7.1 CVSS | 6.9 AI score | 0.00067 EPSS
Exploits: 0 | References: 4 | Affected Software: 1

Positive Technologies
added 2025/06/18 12:0 a.m. | 5 views

PT-2025-26108 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: A vulnerability in the Linux kernel has been resolved, specifically in the imx-jpeg media component. The issue allowed for potential memory out of bounds risks, particularly in the...

6.3 AI score | 0.00067 EPSS
Exploits: 0 | References: 11

OSV
added 2025/06/17 3:15 p.m. | 3 views

AZL-64079 CVE-2025-6199 affecting package gdk-pixbuf2 for versions less than 2.42.10-4

A flaw was found in the GIF parser of GdkPixbuf’s LZW decoder. When an invalid symbol is encountered during decompression, the decoder sets the reported output size to the full buffer length rather than the actual number of written bytes. This logic error results in uninitialized sections of the...

3.3 CVSS | 6 AI score | 0.00102 EPSS
Exploits: 0 | References: 1

OSV
added 2025/06/17 3:15 p.m. | 2 views

CVE-2025-6199

A flaw was found in the GIF parser of GdkPixbuf’s LZW decoder. When an invalid symbol is encountered during decompression, the decoder sets the reported output size to the full buffer length rather than the actual number of written bytes. This logic error results in uninitialized sections of the...

3.3 CVSS | 7.2 AI score | 0.00102 EPSS
Exploits: 0 | References: 3

OSV
added 2025/06/17 3:15 p.m. | 1 view

AZL-64077 CVE-2025-6199 affecting package gdk-pixbuf2 for versions less than 2.40.0-8

A flaw was found in the GIF parser of GdkPixbuf’s LZW decoder. When an invalid symbol is encountered during decompression, the decoder sets the reported output size to the full buffer length rather than the actual number of written bytes. This logic error results in uninitialized sections of the...

3.3 CVSS | 6 AI score | 0.00102 EPSS
Exploits: 0 | References: 1

CVE
added 2025/06/17 2:30 p.m. | 54 views

CVE-2025-6199

CVE-2025-6199 affects the GIF LZW decoder in GdkPixbuf (gdk-pixbuf2). When an invalid symbol is decompressed, the output size is set to the full buffer length instead of the number of written bytes, causing uninitialized buffer areas to be emitted and potentially leaking memory contents from GIF ...

3.3 CVSS | 4.1 AI score | 0.00102 EPSS
Exploits: 0 | References: 3 | Affected Software: 1

Cvelist
added 2025/06/17 2:30 p.m. | 4 views

CVE-2025-6199 Gdk-pixbuf: uninitialized memory disclosure in gdkpixbuf gif lzw decoder

A flaw was found in the GIF parser of GdkPixbuf’s LZW decoder. When an invalid symbol is encountered during decompression, the decoder sets the reported output size to the full buffer length rather than the actual number of written bytes. This logic error results in uninitialized sections of the...

3.3 CVSS | 0.00102 EPSS
Exploits: 0 | References: 2

Debian CVE
added 2025/06/17 2:30 p.m. | 3 views

CVE-2025-6199

A flaw was found in the GIF parser of GdkPixbuf’s LZW decoder. When an invalid symbol is encountered during decompression, the decoder sets the reported output size to the full buffer length rather than the actual number of written bytes. This logic error results in uninitialized sections of the...

3.3 CVSS | 5 AI score | 0.00102 EPSS
Exploits: 0

Vulnrichment
added 2025/06/17 2:30 p.m. | 3 views

CVE-2025-6199 Gdk-pixbuf: uninitialized memory disclosure in gdkpixbuf gif lzw decoder

A flaw was found in the GIF parser of GdkPixbuf’s LZW decoder. When an invalid symbol is encountered during decompression, the decoder sets the reported output size to the full buffer length rather than the actual number of written bytes. This logic error results in uninitialized sections of the...

3.3 CVSS | 4.1 AI score | 0.00102 EPSS
Exploits: 0 | References: 2

RedhatCVE
added 2025/06/17 12:4 p.m. | 3 views

CVE-2025-6199

A flaw was found in the GIF parser of GdkPixbuf’s LZW decoder. When an invalid symbol is encountered during decompression, the decoder sets the reported output size to the full buffer length rather than the actual number of written bytes. This logic error results in uninitialized sections of the...

3.3 CVSS | 4 AI score | 0.00102 EPSS
Exploits: 0 | References: 3

CNNVD
added 2025/06/17 12:0 a.m. | 1 view

GdkPixBuf Information Disclosure Vulnerability

GdkPixBuf is a library that supports loading image files in multiple formats. An information disclosure vulnerability exists in GdkPixBuf that stems from improper handling of invalid symbols by the LZW decoder in the GIF parser, which could lead to a memory content disclosure...

3.3 CVSS | 5.8 AI score | 0.00102 EPSS
Exploits: 0 | References: 4

AstraLinux
added 2025/06/16 11:28 a.m. | 7 views

Astra Linux - vulnerability in xz-utils

XZ Utils provide a general-purpose data-compression library plus command-line tools. In XZ Utils 5.3.3alpha to 5.8.0, the multithreaded .xz decoder in liblzma has a bug where invalid input can at least result in a crash. The effects include heap use after free and writing to an address based on t...

8.7 CVSS | 7 AI score | 0.00041 EPSS
Exploits: 0 | References: 3

Tenable Nessus
added 2025/06/16 12:0 a.m. | 2 views

TencentOS Server 3: poppler (TSSA-2023:0150)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0150 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

7.8 CVSS | 8.6 AI score | 0.00095 EPSS
Exploits: 3 | References: 2