A flaw exists in gdk‑pixbuf within the gdk_pixbuf__jpeg_image_load_increment function (io-jpeg.c) and in glib’s g_base64_encode_step (glib/gbase64.c). When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory, potentially causing application crashes or arbitrary code execution.
Fixes

Solution

No solution given by the vendor.


Workaround

Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

History

Sat, 30 Aug 2025 22:30:00 +0000

Type Values Removed Values Added
First Time appeared Redhat rhel Aus
Redhat rhel Els
Redhat rhel Eus Long Life
Redhat rhel Tus
CPEs cpe:/o:redhat:enterprise_linux:7 cpe:/a:redhat:rhel_aus:8.2::appstream
cpe:/a:redhat:rhel_aus:8.4::appstream
cpe:/a:redhat:rhel_aus:8.6::appstream
cpe:/a:redhat:rhel_e4s:8.6::appstream
cpe:/a:redhat:rhel_e4s:8.8::appstream
cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
cpe:/a:redhat:rhel_tus:8.6::appstream
cpe:/a:redhat:rhel_tus:8.8::appstream
cpe:/o:redhat:rhel_aus:8.2::baseos
cpe:/o:redhat:rhel_aus:8.4::baseos
cpe:/o:redhat:rhel_aus:8.6::baseos
cpe:/o:redhat:rhel_e4s:8.6::baseos
cpe:/o:redhat:rhel_e4s:8.8::baseos
cpe:/o:redhat:rhel_els:7
cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
cpe:/o:redhat:rhel_tus:8.6::baseos
cpe:/o:redhat:rhel_tus:8.8::baseos
Vendors & Products Redhat rhel Aus
Redhat rhel Els
Redhat rhel Eus Long Life
Redhat rhel Tus
References

Tue, 26 Aug 2025 09:15:00 +0000

Type Values Removed Values Added
First Time appeared Redhat rhel Eus
CPEs cpe:/a:redhat:rhel_eus:9.4::appstream
Vendors & Products Redhat rhel Eus
References

Tue, 26 Aug 2025 07:45:00 +0000

Type Values Removed Values Added
First Time appeared Redhat rhel E4s
CPEs cpe:/a:redhat:rhel_e4s:9.0::appstream
cpe:/a:redhat:rhel_e4s:9.2::appstream
Vendors & Products Redhat rhel E4s
References

Thu, 07 Aug 2025 06:45:00 +0000

Type Values Removed Values Added
CPEs cpe:/o:redhat:enterprise_linux:8 cpe:/a:redhat:enterprise_linux:8::appstream
cpe:/a:redhat:enterprise_linux:8::crb
cpe:/o:redhat:enterprise_linux:8::baseos
References

Tue, 05 Aug 2025 09:15:00 +0000

Type Values Removed Values Added
CPEs cpe:/o:redhat:enterprise_linux:10
cpe:/o:redhat:enterprise_linux:9
cpe:/a:redhat:enterprise_linux:9::appstream
cpe:/o:redhat:enterprise_linux:10.0
References

Mon, 14 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.00063}

epss

{'score': 0.00083}


Wed, 09 Jul 2025 16:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-787

Wed, 09 Jul 2025 08:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-120

Tue, 08 Jul 2025 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 08 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Description No description is available for this CVE. A flaw exists in gdk‑pixbuf within the gdk_pixbuf__jpeg_image_load_increment function (io-jpeg.c) and in glib’s g_base64_encode_step (glib/gbase64.c). When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory, potentially causing application crashes or arbitrary code execution.
Title gdk‑pixbuf: Heap‑buffer‑overflow in gdk‑pixbuf Gdk‑pixbuf: heap‑buffer‑overflow in gdk‑pixbuf
First Time appeared Redhat
Redhat enterprise Linux
CPEs cpe:/o:redhat:enterprise_linux:10
cpe:/o:redhat:enterprise_linux:6
cpe:/o:redhat:enterprise_linux:7
cpe:/o:redhat:enterprise_linux:8
cpe:/o:redhat:enterprise_linux:9
Vendors & Products Redhat
Redhat enterprise Linux
References

Tue, 08 Jul 2025 12:30:00 +0000

Type Values Removed Values Added
Description No description is available for this CVE.
Title gdk‑pixbuf: Heap‑buffer‑overflow in gdk‑pixbuf
Weaknesses CWE-787
References
Metrics threat_severity

None

cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Moderate


cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2025-08-31T05:33:49.950Z

Reserved: 2025-07-08T06:13:05.999Z

Link: CVE-2025-7345

cve-icon Vulnrichment

Updated: 2025-07-08T13:53:40.833Z

cve-icon NVD

Status : Undergoing Analysis

Published: 2025-07-08T14:15:32.397

Modified: 2025-08-30T23:15:33.877

Link: CVE-2025-7345

cve-icon Redhat

Severity : Moderate

Publid Date: 2025-07-08T00:00:00Z

Links: CVE-2025-7345 - Bugzilla

cve-icon OpenCVE Enrichment

No data.