Fedora 43: xpdf Critical Security Updates for Multiple CVEs 2025-7c5b6a3bcb

fedora

December 5, 2025

Update to 4.06

Summary

Xpdf is an X Window System based viewer for Portable Document Format

(PDF) files. Xpdf is a small and efficient program which uses

standard X fonts.

Update Information:

Update to 4.06. Lots of bugfixes, but notably, security fixes for the following CVEs: CVE-2024-2971 CVE-2024-3247 CVE-2024-3248 CVE-2024-3900 CVE-2024-4141 CVE-2024-4568 CVE-2024-4976 CVE-2024-7866 CVE-2024-7867 CVE-2024-7868 CVE-2025-2574 CVE-2025-3154 CVE-2025-11896

Topics Covered

security advisory fedora critical xpdf stack overflow out-of-bounds

Change Log

* Tue Nov 18 2025 Tom Callaway - 1:4.06-1 - update to 4.06

References

[ 1 ] Bug #2271913 - CVE-2024-2971 xpdf: negative object number in an indirect reference in a PDF file can cause an out-of-bounds array write [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2271913 [ 2 ] Bug #2272853 - CVE-2024-3247 xpdf: stack-overflow in pdftotext [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2272853 [ 3 ] Bug #2272856 - CVE-2024-3248 xpdf: stack overflow via pdftpng [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2272856 [ 4 ] Bug #2275829 - CVE-2024-3900 xpdf: out-of-bounds array write [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2275829 [ 5 ] Bug #2277032 - CVE-2024-4141 xpdf: Out-of-bounds array write [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2277032 [ 6 ] Bug #2279473 - CVE-2024-4568 xpdf: loop in the PDF resources leads to infinite recursion [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2279473 [ 7 ] Bug #2280762 - CVE-...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-7c5b6a3bcb' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity

critical

Lowest

Low

Medium

High

Critical

Name: xpdf

Product: Fedora 43

Version: 4.06

Release: 1.fc43

URL:

Summary: A PDF file viewer for the X Window System

Topics Covered

security advisory fedora critical xpdf stack overflow out-of-bounds

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Fedora 43: xpdf Critical Security Updates for Multiple CVEs 2025-7c5b6a3bcb

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Fedora 43: xpdf Critical Security Updates for Multiple CVEs 2025-7c5b6a3bcb

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!