Medium: lcms2

Issue Overview: A heap buffer overflow vulnerability has been identified in thesmooth2 in cmsgamma.c in lcms2-2.16 which allows a remote attacker to cause a denial of service. NOTE: the Supplier disputes this because "this is not exploitable as this function is never called on normal color...

Amazon Linux 2 : lcms2, --advisory ALAS2-2026-3192 (ALAS-2026-3192)

The version of lcms2 installed on the remote host is prior to 2.6-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3192 advisory. A heap buffer overflow vulnerability has been identified in thesmooth2 in cmsgamma.c in lcms2-2.16 which allows a remote attacker to...

UBUNTU-CVE-2025-29070

A heap buffer overflow vulnerability has been identified in thesmooth2 in cmsgamma.c in lcms2-2.16 which allows a remote attacker to cause a denial of service...

CVE-2025-29070

A heap buffer overflow vulnerability has been identified in thesmooth2 in cmsgamma.c in lcms2-2.16 which allows a remote attacker to cause a denial of service. NOTE: the Supplier disputes this because "this is not exploitable as this function is never called on normal color management, is there...

PT-2025-14384 · Lcms2 +1 · Lcms2 +1

Name of the Vulnerable Software and Affected Versions: lcms2 version 2.16 Description: A heap buffer overflow issue has been identified in the thesmooth2 function in cmsgamma.c that allows a remote attacker to cause a denial of service. This issue affects the lcms2 library, potentially allowing f...