Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Ubuntu 23.04: gdk-pixbuf2 Severe Memory Leak Vulnerability CVE-2025-7346

fedora
Calendar Grey August 7, 2025
Dist Fedora Esm H88
CVE-2025-7890 and CVE-2025-4567 patched in gdk-pixbuf3 for Fedora 41 bolsters protection against vulnerability exploits.
This update fixes CVE-2025-7345 and CVE-2025-6199.

Summary

gdk-pixbuf is an image loading library that can be extended by loadable

modules for new image formats. It is used by toolkits such as GTK+ or

clutter.

Update Information:

This update fixes CVE-2025-7345 and CVE-2025-6199.

Topics%20covered

Topics Covered

security advisory fedora buffer overflow critical memory disclosure gdk-pixbuf2

Change Log

* Thu Jul 31 2025 Marek Kasik - 2.42.12-9 - jpeg: Be more careful with chunked icc data * Thu Jul 31 2025 Marek Kasik - 2.42.12-8 - lzw: Fix reporting of bytes written in decoder

References


[ 1 ] Bug #2373147 - CVE-2025-6199 gdk-pixbuf: Uninitialized Memory Disclosure in GdkPixbuf GIF LZW Decoder https://bugzilla.redhat.com/show_bug.cgi?id=2373147 [ 2 ] Bug #2377063 - CVE-2025-7345 gdk\u2011pixbuf: Heap\u2011buffer\u2011overflow in gdk\u2011pixbuf https://bugzilla.redhat.com/show_bug.cgi?id=2377063

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-407257f3e4' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: gdk-pixbuf2
Product: Fedora 41
Version: 2.42.12
Release: 9.fc41
URL: https://gitlab.gnome.org/GNOME/gdk-pixbuf
Summary: An image loading library

Topics%20covered

Topics Covered

security advisory fedora buffer overflow critical memory disclosure gdk-pixbuf2

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here