vulnerability
Alpine Linux: CVE-2025-59731: Out-of-bounds Write
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:A/AC:H/Au:S/C:C/I:C/A:N) | Oct 6, 2025 | Dec 5, 2025 | Jan 15, 2026 |
Severity
6
CVSS
(AV:A/AC:H/Au:S/C:C/I:C/A:N)
Published
Oct 6, 2025
Added
Dec 5, 2025
Modified
Jan 15, 2026
Description
When decoding an OpenEXR file that uses DWAA or DWAB compression, the specified raw length of run-length-encoded data is not checked when using it to calculate the output data.
We read rle_raw_size from the input file at [0], we decompress and decode into the buffer td->rle_raw_data of size rle_raw_size at [1], and then at [2] we will access entries in this buffer up to (td->xsize - 1) * (td->ysize - 1) + rle_raw_size / 2, which may exceed rle_raw_size.
We recommend upgrading to version 8.0 or beyond.
We read rle_raw_size from the input file at [0], we decompress and decode into the buffer td->rle_raw_data of size rle_raw_size at [1], and then at [2] we will access entries in this buffer up to (td->xsize - 1) * (td->ysize - 1) + rle_raw_size / 2, which may exceed rle_raw_size.
We recommend upgrading to version 8.0 or beyond.
Solution
alpine-linux-upgrade-ffmpeg
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.