🔐 CVE Alert

CVE-2025-7345

HIGH 7.5

gdk-pixbuf: heap-buffer-overflow in gdk-pixbuf

CVSS Score: 7.5
EPSS Score: 0.0%
EPSS Percentile: 0th

A flaw exists in gdk-pixbuf, in the gdk_pixbuf__jpeg_image_load_increment function (io-jpeg.c), and in glib's g_base64_encode_step (glib/gbase64.c). When a maliciously crafted JPEG image is processed, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory and potentially causing an application crash or arbitrary code execution.

CWE: CWE-120
Published: Jul 8, 2025
Last Updated: Nov 7, 2025

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High

Affected Versions

Red Hat / Red Hat Enterprise Linux 10
All versions affected
Red Hat / Red Hat Enterprise Linux 7 Extended Lifecycle Support
All versions affected
Red Hat / Red Hat Enterprise Linux 8
All versions affected
Red Hat / Red Hat Enterprise Linux 8.2 Advanced Update Support
All versions affected
Red Hat / Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
All versions affected
Red Hat / Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On
All versions affected
Red Hat / Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
All versions affected
Red Hat / Red Hat Enterprise Linux 8.6 Telecommunications Update Service
All versions affected
Red Hat / Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
All versions affected
Red Hat / Red Hat Enterprise Linux 8.8 Telecommunications Update Service
All versions affected
Red Hat / Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions
All versions affected
Red Hat / Red Hat Enterprise Linux 9
All versions affected
Red Hat / Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions
All versions affected
Red Hat / Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions
All versions affected
Red Hat / Red Hat Enterprise Linux 9.4 Extended Update Support
All versions affected
Red Hat / Red Hat Enterprise Linux 6
All versions affected

References

https://access.redhat.com/errata/RHSA-2025:12841
https://access.redhat.com/errata/RHSA-2025:12862
https://access.redhat.com/errata/RHSA-2025:13315
https://access.redhat.com/errata/RHSA-2025:14574
https://access.redhat.com/errata/RHSA-2025:14575
https://access.redhat.com/errata/RHSA-2025:14576
https://access.redhat.com/errata/RHSA-2025:14585
https://access.redhat.com/errata/RHSA-2025:14618
https://access.redhat.com/errata/RHSA-2025:14646
https://access.redhat.com/errata/RHSA-2025:14647
https://access.redhat.com/errata/RHSA-2025:14683
https://access.redhat.com/security/cve/CVE-2025-7345
https://bugzilla.redhat.com/show_bug.cgi?id=2377063
https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/249
https://lists.debian.org/debian-lts-announce/2025/10/msg00024.html

Credits

Red Hat would like to thank Yifan Zhang (Programming Languages Lab, Peking University) for reporting this issue.