Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Mageia 9: 2025-0076 moderate: DCMTK buffer overflow and DoS threat

mageia
Calendar Grey February 25, 2025
Dist Mageia Esm H88
The latest patch for DCMTK addresses a range of security vulnerabilities, including critical buffer overflow and denial of service (DoS) risks that impact Mageia 9 systems.
A buffer overflow in DCMTK allows attackers to cause a Denial of Service (DoS) via a crafted DCM file (CVE-2025-25472)

Summary

A buffer overflow in DCMTK allows attackers to cause a Denial of Service (DoS) via a crafted DCM file (CVE-2025-25472). DCMTK was discovered to contain a buffer overflow via the component /dcmimgle/diinpxt.h (CVE-2025-25474). A NULL pointer dereference in the component /libsrc/dcrleccd.cc of DCMTK allows attackers to cause a Denial of Service (DoS) via a crafted DICOM file (CVE-2025-25475).

References

- https://bugs.mageia.org/show_bug.cgi?id=34043

-

- https://www.cve.org/CVERecord?id=CVE-2025-25472

- https://www.cve.org/CVERecord?id=CVE-2025-25474

- https://www.cve.org/CVERecord?id=CVE-2025-25475

Topics%20covered

Topics Covered

security advisory security update buffer overflow DoS vulnerability NULL pointer DoS risk Mageia DCMTK

Resolution

SRPMS

- 9/core/dcmtk-3.6.7-4.4.mga9

Publication date: 25 Feb 2025
URL: https://advisories.mageia.org/MGASA-2025-0076.html
Type: security
CVE: CVE-2025-25472, CVE-2025-25474, CVE-2025-25475

Topics%20covered

Topics Covered

security advisory security update buffer overflow DoS vulnerability NULL pointer DoS risk Mageia DCMTK

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here