Oracle Linux 10 libpng Important Heap Over-Read Threat ELSA-2026-3551
oracle
March 9, 2026
The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:
Summary
[2:1.6.40-8.2] - fix CVE-2026-25646: heap buffer overflow in png_set_quantize (RHEL-148323) - fix CVE-2026-22695: heap buffer over-read in png_image_finish_read (RHEL-148818) - fix CVE-2026-22801: heap buffer over-read in png_image_write_*bit (RHEL-146645)
Topics Covered
SRPMs
http://oss.oracle.com/ol10/SRPMS-updates/libpng-1.6.40-8.el10_1.2.src.rpm
x86_64
libpng-1.6.40-8.el10_1.2.x86_64.rpm libpng-devel-1.6.40-8.el10_1.2.x86_64.rpm
aarch64
libpng-1.6.40-8.el10_1.2.aarch64.rpm libpng-devel-1.6.40-8.el10_1.2.aarch64.rpm
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Related CVEs:
CVE-2026-22695
CVE-2026-22801
CVE-2026-25646
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!