gdk-pixbuf: fix CVE-2025-7345 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Archana Polampalli <archana.polampalli@windriver.com>	2025-07-14 14:55:11 +0530
committer	Steve Sakoman <steve@sakoman.com>	2025-07-21 09:17:59 -0700
commit	76e0206da09bd9478c22db534b4b75f810b46fe0 (patch)
tree	60e4b9033ec4a151ec1e66207908610a9c23308e /scripts/patchtest
parent	40c7590281942e0dfbc8087da28d5ecd3ce20aca (diff)
download	poky-76e0206da09bd9478c22db534b4b75f810b46fe0.tar.gz

gdk-pixbuf: fix CVE-2025-7345

A flaw exists in gdk‑pixbuf within the gdk_pixbuf__jpeg_image_load_increment function (io-jpeg.c) and in glib’s g_base64_encode_step (glib/gbase64.c). When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory, potentially causing application crashes or arbitrary code execution. (From OE-Core rev: bb80f57bc3818937d5a207040bfd44021dee4e6e) Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>

Diffstat (limited to 'scripts/patchtest')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: