Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Fedora 42: gdk-pixbuf2 Critical Memory Disclosure and Heap Overflow CVE Fix

fedora
Calendar Grey August 3, 2025
Dist Fedora Esm H88
To address the vulnerabilities CVE-2025-7345 and CVE-2025-6199 in gdk-pixbuf2 on Fedora 42, users must quickly update their systems for crucial security fixes
This update fixes CVE-2025-7345 and CVE-2025-6199.

Summary

gdk-pixbuf is an image loading library that can be extended by loadable

modules for new image formats. It is used by toolkits such as GTK+ or

clutter.

Update Information:

This update fixes CVE-2025-7345 and CVE-2025-6199.

Topics%20covered

Topics Covered

security advisory fedora critical heap overflow image loading memory disclosure

Change Log

* Thu Jul 31 2025 Marek Kasik - 2.42.12-12 - jpeg: Be more careful with chunked icc data * Thu Jul 31 2025 Marek Kasik - 2.42.12-11 - lzw: Fix reporting of bytes written in decoder

References


[ 1 ] Bug #2373147 - CVE-2025-6199 gdk-pixbuf: Uninitialized Memory Disclosure in GdkPixbuf GIF LZW Decoder https://bugzilla.redhat.com/show_bug.cgi?id=2373147 [ 2 ] Bug #2377063 - CVE-2025-7345 gdk\u2011pixbuf: Heap\u2011buffer\u2011overflow in gdk\u2011pixbuf https://bugzilla.redhat.com/show_bug.cgi?id=2377063

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-f0bec53a1d' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: gdk-pixbuf2
Product: Fedora 42
Version: 2.42.12
Release: 12.fc42
URL:
Summary: An image loading library

Topics%20covered

Topics Covered

security advisory fedora critical heap overflow image loading memory disclosure

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here