CNNVD-202507-1003 Information

CNNVD ID

CNNVD-202507-1003

Related CVE

CVE-2025-7345

• CNNVD Published: 2025-07-08

Description (Chinese)

gdk-pixbuf是GNOME开源的一款图像加载库。 gdk-pixbuf存在缓冲区错误漏洞，该漏洞源于处理特制JPEG图像时gdk_pixbuf__jpeg_image_load_increment函数和g_base64_encode_step函数存在堆缓冲区溢出，可能导致越界读取或执行任意代码。

Description (English)

gdk-pixbuf is an open-source collection of GNOME images. The gdk-pixbuf has a buffer zone error loophole, which stems from the proliferation of buffers in the special JPEG images gdk pixbuf jpeg image load increment and g base64 encode step functions, which may lead to cross-border reading or enforcement of any code.

Hazard Level

Medium

Vulnerability Type

缓冲区错误

Affected Vendor

GNU

Published

2025-07-08

Last Modified

2026-02-24

References

https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/249 https://bugzilla.redhat.com/show_bug.cgi?id=2377063 https://access.redhat.com/security/cve/CVE-2025-7345 https://access.redhat.com/errata/RHSA-2025:14576 https://access.redhat.com/errata/RHSA-2025:14575 https://access.redhat.com/errata/RHSA-2025:14574 https://access.redhat.com/errata/RHSA-2025:13315 https://access.redhat.com/errata/RHSA-2025:12862 https://access.redhat.com/errata/RHSA-2025:12841 https://access.redhat.com/errata/RHSA-2025:14683 https://access.redhat.com/errata/RHSA-2025:14647 https://access.redhat.com/errata/RHSA-2025:14646 https://access.redhat.com/errata/RHSA-2025:14618 https://access.redhat.com/errata/RHSA-2025:14585 https://nvd.nist.gov/vuln/detail/CVE-2025-7345