DEBIAN-CVE-2022-50182

In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Align upwards buffer size The hardware can support any image size WxH, with arbitrary W image width and H image height dimensions. Align upwards buffer size for both encoder and decoder. and leave the picture...

CVE-2022-50182 media: imx-jpeg: Align upwards buffer size

In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Align upwards buffer size The hardware can support any image size WxH, with arbitrary W image width and H image height dimensions. Align upwards buffer size for both encoder and decoder. and leave the picture...

CVE-2022-50182 media: imx-jpeg: Align upwards buffer size

In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Align upwards buffer size The hardware can support any image size WxH, with arbitrary W image width and H image height dimensions. Align upwards buffer size for both encoder and decoder. and leave the picture...

CVE-2022-50182

CVE-2022-50182 concerns a Linux kernel issue in the media: imx-jpeg driver. The flaw involved aligning upwards the buffer size for both encoder and decoder, allowing arbitrary image dimensions (WxH) while leaving the picture resolution unchanged. The documented impact indicates the decoder risk o...

PT-2025-26108 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, specifically in the imx-jpeg media component. The issue allowed for potential memory out of bounds risks, particularly in the...

AZL-64079 CVE-2025-6199 affecting package gdk-pixbuf2 for versions less than 2.42.10-4

A flaw was found in the GIF parser of GdkPixbuf’s LZW decoder. When an invalid symbol is encountered during decompression, the decoder sets the reported output size to the full buffer length rather than the actual number of written bytes. This logic error results in uninitialized sections of the...

CVE-2025-6199

A flaw was found in the GIF parser of GdkPixbuf’s LZW decoder. When an invalid symbol is encountered during decompression, the decoder sets the reported output size to the full buffer length rather than the actual number of written bytes. This logic error results in uninitialized sections of the...

AZL-64077 CVE-2025-6199 affecting package gdk-pixbuf2 for versions less than 2.40.0-8

A flaw was found in the GIF parser of GdkPixbuf’s LZW decoder. When an invalid symbol is encountered during decompression, the decoder sets the reported output size to the full buffer length rather than the actual number of written bytes. This logic error results in uninitialized sections of the...

CVE-2025-6199

CVE-2025-6199 affects the GIF LZW decoder in GdkPixbuf (gdk-pixbuf2). When an invalid symbol is decompressed, the output size is set to the full buffer length instead of the number of written bytes, causing uninitialized buffer areas to be emitted and potentially leaking memory contents from GIF ...

CVE-2025-6199 Gdk-pixbuf: uninitialized memory disclosure in gdkpixbuf gif lzw decoder

A flaw was found in the GIF parser of GdkPixbuf’s LZW decoder. When an invalid symbol is encountered during decompression, the decoder sets the reported output size to the full buffer length rather than the actual number of written bytes. This logic error results in uninitialized sections of the...

CVE-2025-6199

A flaw was found in the GIF parser of GdkPixbuf’s LZW decoder. When an invalid symbol is encountered during decompression, the decoder sets the reported output size to the full buffer length rather than the actual number of written bytes. This logic error results in uninitialized sections of the...

CVE-2025-6199 Gdk-pixbuf: uninitialized memory disclosure in gdkpixbuf gif lzw decoder

A flaw was found in the GIF parser of GdkPixbuf’s LZW decoder. When an invalid symbol is encountered during decompression, the decoder sets the reported output size to the full buffer length rather than the actual number of written bytes. This logic error results in uninitialized sections of the...

CVE-2025-6199

A flaw was found in the GIF parser of GdkPixbuf’s LZW decoder. When an invalid symbol is encountered during decompression, the decoder sets the reported output size to the full buffer length rather than the actual number of written bytes. This logic error results in uninitialized sections of the...

GdkPixBuf 信息泄露漏洞

GdkPixBuf is a library that supports loading image files in multiple formats. An information disclosure vulnerability exists in GdkPixBuf that stems from improper handling of invalid symbols by the LZW decoder in the GIF parser, which could lead to a memory content disclosure...

Astra Linux - уязвимость в xz-utils

XZ Utils provide a general-purpose data-compression library plus command-line tools. In XZ Utils 5.3.3alpha to 5.8.0, the multithreaded .xz decoder in liblzma has a bug where invalid input can at least result in a crash. The effects include heap use after free and writing to an address based on t...

TencentOS Server 3: poppler (TSSA-2023:0150)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0150 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

CLSA-2025-1749826187 gstreamer1-plugins-good: Fix of CVE-2024-47613

CVE-2024-47613: fix NULL-pointer dereference in gdk-pixbuf decoder...

Security update for python3

This update for python3 fixes the following issues: CVE-2025-4516: use-after-free in the unicode-escape decoder when using the error handler bsc1243273. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

SUSE-SU-2025:01877-1 Security update for python3

This update for python3 fixes the following issues: - CVE-2025-4516: use-after-free in the unicode-escape decoder when using the error handler bsc1243273...

The vulnerability of the lzma_stream_decoder_mt() function in the liblzma library, a data compression package for XZ Utils, allows a hacker to cause a service failure.

The vulnerability of the lzmastreamdecodermt function in the liblzma library, a component of the XZ Utils data compression package, involves premature resource release due to pointer aliasing. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...