Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 585
Alerts This Week
Warning Icon 1 585

Mageia 10 Poppler Critical Integer Overflow Heap Overflow Fix 2026-0256

mageia
Calendar Grey July 15, 2026
Dist Mageia Esm H88
Updated Mageia poppler packages address critical integer overflow leading to heap overflow issues. Immediate action recommended.
Security update

Summary

Description: The updated packages fix a security vulnerability: Integer overflow in poppler splashoutputdev::tilingpatternfill leads to heap buffer overflow via unchecked dimension multiplication. (CVE-2026-10118)

References

- https://bugs.mageia.org/show_bug.cgi?id=35658

- https://ubuntu.com/security/notices/USN-8400-1

- https://gitlab.freedesktop.org/poppler/poppler/-/work_items/1715

- https://lists.debian.org/debian-security-announce/2026/msg00244.html

- https://www.cve.org/CVERecord?id=CVE-2026-10118

Resolution

SRPMS

- 10/core/poppler-25.12.0-1.1.mga10

- 9/core/poppler-23.02.0-1.9.mga9

Severity
critical
Lowest
Low
Medium
High
Critical

Publication date: 16 Jul 2026 
URL: https://advisories.mageia.org/MGASA-2026-0256.html
Type: security
CVE: CVE-2026-10118

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.