Description
A flaw has been found in libvips up to 8.18.0. The affected element is the function vips_foreign_load_matrix_file_is_a/vips_foreign_load_matrix_header of the file libvips/foreign/matrixload.c. Executing a manipulation can lead to memory corruption. The attack needs to be launched locally. This patch is called d4ce337c76bff1b278d7085c3c4f4725e3aa6ece. A patch should be applied to remediate this issue.
Published: 2026-02-25
Score: 4.8 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Memory corruption
Action: Apply Patch
AI Analysis

Impact

The vulnerability resides in libvips, version 8.18.0 or earlier, in the matrixload.c component that processes matrix file headers. An attacker who can execute code locally on a system that uses libvips can manipulate matrix file contents to trigger a memory corruption condition via the function vips_foreign_load_matrix_header. The resulting corruption could overwrite critical data structures and potentially lead to crashes or arbitrary code execution, compromising the integrity of the affected process.

Affected Systems

Affected systems include any installation of the libvips library up to and including version 8.18.0 that uses the foreign matrix load functionality. The fix is applied in commit d4ce337c76bff1b278d7085c3c4f4725e3aa6ece and is present in releases thereafter. Users of older versions should compare installed versions against the first patch tarball that includes this commit.

Risk and Exploitability

The CVSS score of 4.8 places the weakness in the moderate range, and the EPSS value of less than 1 percent indicates a very low probability of exploitation in the wild. The vulnerability is not listed in the CISA KEV catalog, and the attack vector is strictly local, meaning threat actors need local access to the machine running libvips. Consequently, the overall risk is moderate but constrained to environments where untrusted matrix files could be processed by privileged local users.

Generated by OpenCVE AI on April 17, 2026 at 15:33 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to libvips version 8.19.0 or later, which includes the patch commit d4ce337c76bff1b278d7085c3c4f4725e3aa6ece.
  • If an immediate upgrade is not feasible, rebuild libvips from source after applying the patch commit to replace the vulnerable matrixload.c implementation.
  • Disable or remove foreign matrix file support in libvips if the functionality is not required, or restrict its use to trusted users only.
  • Monitor system logs for segmentation faults or abnormal crashes that could indicate memory corruption caused by malformed matrix files.

Advisories

No advisories yet.

History

Wed, 25 Feb 2026 03:15:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Description | | A flaw has been found in libvips up to 8.18.0. The affected element is the function vips_foreign_load_matrix_file_is_a/vips_foreign_load_matrix_header of the file libvips/foreign/matrixload.c. Executing a manipulation can lead to memory corruption. The attack needs to be launched locally. This patch is called d4ce337c76bff1b278d7085c3c4f4725e3aa6ece. A patch should be applied to remediate this issue. |
| Title | | libvips matrixload.c vips_foreign_load_matrix_header memory corruption |
| First Time appeared | | Libvips; Libvips libvips |
| Weaknesses | | CWE-119 |
| CPEs | | cpe:2.3:a:libvips:libvips:*:*:*:*:*:*:*:* |
| Vendors & Products | | Libvips; Libvips libvips |
| References | | |
| Metrics | | cvssV2_0: {'score': 4.3, 'vector': 'AV:L/AC:L/Au:S/C:P/I:P/A:P/E:ND/RL:OF/RC:C'}; cvssV3_0: {'score': 5.3, 'vector': 'CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:O/RC:C'}; cvssV3_1: {'score': 5.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:O/RC:C'}; cvssV4_0: {'score': 4.8, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X'} |


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-02-25T20:28:56.023Z

Reserved: 2026-02-24T19:53:43.308Z

Link: CVE-2026-3145

Vulnrichment

No data.

NVD

Status: Analyzed

Published: 2026-02-25T03:16:07.193

Modified: 2026-02-25T20:56:39.700

Link: CVE-2026-3145

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-17T15:45:15Z

Weaknesses