SUSE-SU-2025:03151-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2025-55004: Fixed heap buffer over-read in in ReadOneMNGIMage when processing images with separate alpha channels bsc1248076. - CVE-2025-55005: Fixed heap buffer overflow when transforming from Log to sRGB colorspaces bsc1248077. -...

Security update for ImageMagick

This update for ImageMagick fixes the following issues: CVE-2025-55005: Fixed heap buffer overflow when transforming from Log to sRGB colorspaces bsc1248077. CVE-2025-55154: Fixed integer overflow when performing magnified size calculations in ReadOneMNGIMage bsc1248078. CVE-2025-55160: Fixed...

SUSE-SU-2025:03150-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2025-55005: Fixed heap buffer overflow when transforming from Log to sRGB colorspaces bsc1248077. - CVE-2025-55154: Fixed integer overflow when performing magnified size calculations in ReadOneMNGIMage bsc1248078. - CVE-2025-55160: Fix...

SUSE SLED15 / SLES15 Security Update : ImageMagick (SUSE-SU-2025:03113-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03113-1 advisory. - CVE-2025-55004: Fixed heap buffer over-read in in ReadOneMNGIMage when processing images with separate alph...

Security update for ImageMagick

This update for ImageMagick fixes the following issues: CVE-2025-55004: Fixed heap buffer over-read in in ReadOneMNGIMage when processing images with separate alpha channels bsc1248076. CVE-2025-55005: Fixed heap buffer overflow when transforming from Log to sRGB colorspaces bsc1248077...

SUSE-SU-2025:03113-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2025-55004: Fixed heap buffer over-read in in ReadOneMNGIMage when processing images with separate alpha channels bsc1248076. - CVE-2025-55005: Fixed heap buffer overflow when transforming from Log to sRGB colorspaces bsc1248077. -...

assimp: Open Asset Import Library Assimp ASE File ASEParser.cpp ParseLV4MeshBonesVertices heap-based overflow

A flaw has been found in the Open Asset Import Library assimp. In affected versions, a malformed ASE file may trigger a heap-based buffer overflow, which may lead to an application crash or other undefined behavior...

CLSA-2025-1757247437 zlib: Fix of CVE-2016-9840

CVE-2016-9840: fix undefined behavior in inftrees.c...

CLSA-2025-1757246128 zlib: Fix of CVE-2016-9840

CVE-2016-9840: fix undefined behavior in inftrees.c...

CLSA-2025-1757246101 zlib: Fix of CVE-2016-9840

CVE-2016-9840: fix undefined behavior in inftrees.c...

assimp: Open Asset Import Library Assimp LWO File LWOAnimation.cpp UpdateAnimRangeSetup heap-based overflow

A flaw has been found in the Open Asset Import Library assimp. In affected versions, a malformed LWO file may trigger a heap-based buffer overflow, which may lead to an application crash or other undefined behavior...

bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq

...

Incorrect code generation could have led to unexpected numeric conversions and potential undefined behavior.*Note:* This issue only affects 32-bit ARM devices. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.

...

kunit/overflow: Fix UB in overflow_allocation_test

...

The incorrect object was checked for NULL in the built-in profiler, potentially leading to invalid memory access and undefined behavior. *Note:* This issue only affects the application when the profiler is running. This vulnerability affects Firefox < 123.

...

Undefined Behavior in bounded Crossbeam channel

...

drm/amd/display: fix a UBSAN warning in DML2.1

...

An iterator stop condition was missing when handling WASM code in the built-in profiler, potentially leading to invalid memory access and undefined behavior. *Note:* This issue only affects the application when the profiler is running. This vulnerability affects Firefox < 126.

...

glib: buffer overflow in set_connect_msg()

A flaw was found in the Glib library. A buffer overflow condition can be triggered in certain conditions due to an off-by-one error in SOCKS4CONNMSGLEN. This issue may lead to an application crash or other undefined behavior...

Linux Distros Unpatched Vulnerability : CVE-2022-32546

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned long' at coders/pcl.c, when crafted or untruste...