gdk-pixbuf: fix CVE-2025-7345 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Archana Polampalli <archana.polampalli@windriver.com>	2025-07-14 15:51:44 +0530
committer	Steve Sakoman <steve@sakoman.com>	2025-07-21 09:07:21 -0700
commit	c172c46096471756be991314655a2a9492dda38e (patch)
tree	ff2123d58c45f30f82323b87190bc9c6a830d90c /scripts/lib/recipetool/create_buildsys_python.py
parent	83ba9772501cd6e4126c71e45ac6d77c3326e43e (diff)
download	poky-c172c46096471756be991314655a2a9492dda38e.tar.gz

gdk-pixbuf: fix CVE-2025-7345

A flaw exists in gdk‑pixbuf within the gdk_pixbuf__jpeg_image_load_increment function (io-jpeg.c) and in glib’s g_base64_encode_step (glib/gbase64.c). When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory, potentially causing application crashes or arbitrary code execution. (From OE-Core rev: 78a52a7feb995b4ab4f4df6b16feaac60f6ad59b) Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>

Diffstat (limited to 'scripts/lib/recipetool/create_buildsys_python.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: