Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Fedora 41: FEDORA-2025-a77aae3213 critical: libxmp buffer overflow

fedora
Calendar Grey May 13, 2025
Dist Fedora Esm H88
Fedora 41 has an essential update for libxmp addressing a critical buffer overflow vulnerability. Users are urged to update promptly for enhanced security and stability.
Fixes CVE-2025-47256 .

Summary

Libxmp is a library that renders module files to PCM data. It supports

over 90 mainstream and obscure module formats including Protracker (MOD),

Scream Tracker 3 (S3M), Fast Tracker II (XM), and Impulse Tracker (IT).

Many compressed module formats are supported, including popular Unix, DOS,

and Amiga file packers including gzip, bzip2, SQSH, Powerpack, etc.

Update Information:

Fixes CVE-2025-47256 .

Topics%20covered

Topics Covered

security advisory fedora update buffer overflow critical libxmp

Change Log

* Wed May 7 2025 Michael Schwendt - 4.6.2-3 - Fix array subscript underflow in Pha Packer loader (CVE-2025-47256). * Wed May 7 2025 Michael Schwendt - 4.6.2-2 - own cmake libxmp dir

References


[ 1 ] Bug #2364612 - CVE-2025-47256 libxmp: stack-based buffer overflow via a malformed Pha format tracker module [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2364612

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-a77aae3213' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: libxmp
Product: Fedora 41
Version: 4.6.2
Release: 3.fc41
URL:
Summary: A multi-format module playback library

Topics%20covered

Topics Covered

security advisory fedora update buffer overflow critical libxmp

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here