Alerts This Week
Warning Icon 1 745
Alerts This Week
Warning Icon 1 745

Critical Remote Code Execution Vulnerability in Fedora 43 mingw-openexr

fedora
Calendar Grey January 27, 2026
Dist Fedora Esm H88
Update to OpenEXR 3.3.6 addresses critical security vulnerabilities in Fedora 43, including remote code execution risks.
Update to openexr-3.3.6, fixes multiple security issues.

Summary

MinGW Windows openexr library.

Update Information:

Update to openexr-3.3.6, fixes multiple security issues.

Topics%20covered

Topics Covered

security advisory security issue fedora critical code execution mingw-openexr

Change Log

* Sat Jan 17 2026 Sandro Mani - 3.3.6-1 - Update to 3.3.6

References


[ 1 ] Bug #2417239 - CVE-2025-64183 mingw-openexr: use after free in PyObject_StealAttrString [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2417239 [ 2 ] Bug #2417242 - CVE-2025-64183 mingw-openexr: use after free in PyObject_StealAttrString [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2417242 [ 3 ] Bug #2417985 - CVE-2025-64182 mingw-openexr: buffer overflow in PyOpenEXR_old's channels() and channel() [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2417985 [ 4 ] Bug #2417987 - CVE-2025-64182 mingw-openexr: buffer overflow in PyOpenEXR_old's channels() and channel() [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2417987 [ 5 ] Bug #2418247 - CVE-2025-64181 mingw-openexr: Use of Uninitialized Memory inside generic_unpack [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2418247 [ 6 ] Bug #2418249 - CVE-2025-64181 mingw-openexr: Use of Uninitialized Memory inside generic_unpack [fe...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-1fbf91067c' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: mingw-openexr
Product: Fedora 43
Version: 3.3.6
Release: 1.fc43
URL: https://openexr.com/en/latest/
Summary: MinGW Windows openexr library

Topics%20covered

Topics Covered

security advisory security issue fedora critical code execution mingw-openexr

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here