Astra Linux - уязвимость в ffmpeg5

When decoding an OpenEXR file that uses DWAA or DWAB compression, there is an implicit assumption that all image channels have the same pixel type and size. If there are four channels, the first four are “B”, “G”, “R”, and “A”. The channel parsing code can be found in “decodeheader”. The buffer...

ROS-20251014-04

A vulnerability in the libvips horizontal topology image processing library is related to the creation of a three-channel HEIF image without an alpha channel and then writing its data into 4 channels. 3-channel HEIF image without alpha channel and then writing its data to 4 channels. Exploitation...

SUSE CVE-2025-59733

When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption that all image channels have the same pixel type and size, and that if there are four channels, the first four are "B", "G", "R" and "A". The channel parsing code can be found in decodeheader. The...

CVE-2025-59733

When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption that all image channels have the same pixel type and size, and that if there are four channels, the first four are "B", "G", "R" and "A". The channel parsing code can be found in decodeheader. The...

UBUNTU-CVE-2025-59733

When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption that all image channels have the same pixel type and size, and that if there are four channels, the first four are "B", "G", "R" and "A". The channel parsing code can be found in decodeheader. The...

CVE-2025-59733 Heap-buffer-overflow write in FFmpeg EXR dwa_uncompress

When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption that all image channels have the same pixel type and size, and that if there are four channels, the first four are "B", "G", "R" and "A". The channel parsing code can be found in decodeheader. The...

CVE-2025-59733 Heap-buffer-overflow write in FFmpeg EXR dwa_uncompress

When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption that all image channels have the same pixel type and size, and that if there are four channels, the first four are "B", "G", "R" and "A". The channel parsing code can be found in decodeheader. The...

CVE-2025-59733

FFmpeg/OpenEXR dwa_uncompress vulnerability (CVE-2025-59733): OpenEXR DWAA/DWAB decoding incorrectly assumes all channels share the same pixel type/size and that four channels map to B, G, R, A. If the main color channels are 4-byte and there are duplicate/unknown channels with 2-byte EXR_HALF, c...

PT-2025-40879

Name of the Vulnerable Software and Affected Versions OpenEXR versions prior to 8.0 Description An issue exists in decoding OpenEXR files that use DWAA or DWAB compression. The software makes an assumption that all image channels have the same pixel type and size, specifically expecting "B", "G",...

Linux Distros Unpatched Vulnerability : CVE-2024-38631

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: iio: adc: PAC1934: fix accessing out of bounds array index Fix accessing out of bounds array...

SUSE CVE-2024-38631

In the Linux kernel, the following vulnerability has been resolved: iio: adc: PAC1934: fix accessing out of bounds array index Fix accessing out of bounds array index for average current and voltage measurements. The device itself has only 4 channels, but in sysfs there are "fake" channels for th...

PT-2024-7514 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the pac1934 read raw function in the drivers/iio/adc/pac1934.c module of the Linux kernel, which is associated with accessing memory beyond the allocated buffer...