FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

gdk-pixbuf2 -- a heap buffer overflow

Affected packages
gdk-pixbuf2 < 2.42.12_2

Details

VuXML ID 3d4393b2-68a5-11f0-b2b4-589cfc10832a
Discovery 2025-07-24
Entry 2025-07-24

cve@mitre.org reports:

A flaw exists in gdk-pixbuf within the gdk_pixbuf__jpeg_image_load_increment function (io-jpeg.c) and in glib’s g_base64_encode_step (glib/gbase64.c). When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory, potentially causing application crashes or arbitrary code execution.

[source]

References

CVE Name CVE-2025-7345
URL https://www.cve.org/CVERecord?id=CVE-2025-7345

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.