PT-2025-40877 · Openexr+4
Published 2025-08-05 · Updated 2026-01-27 · CVE-2025-59731
CVSS v4.0: 6.9 (Medium)
| Vector | AV:A/AC:H/AT:N/PR:L/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
OpenEXR versions prior to 8.0
Description
The software is susceptible to an out-of-bounds access when decoding OpenEXR files that use DWAA or DWAB compression. The length of the run-length-encoded data is not validated during decoding, so reads from the td->rle raw data buffer can go out of bounds, potentially resulting in a crash or other unexpected behavior. The decoder reads the rle raw size from the input file and uses it to determine the size of that buffer, but does not verify that subsequent accesses to the buffer stay within the allocated bounds; the access at [2] may exceed rle raw size.
Recommendations
Upgrade to version 8.0 or beyond.
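The flaw described above, as an added C illustration that is not OpenEXR's code: a constructed (count, value) run-length format whose packed-input length comes from an untrusted file header (the advisory's "rle raw size"), decoded once without and once with a bound on the raw buffer. The stream format and function names are assumptions made for this example.

```c
#include <stddef.h>
#include <stdint.h>

/* Constructed format: the packed stream is a sequence of (count, value)
 * byte pairs. `packed_len` is whatever the file header claimed, so it is
 * untrusted; the decoder must not read a byte of `packed` beyond it even
 * when the header also promises more output than the stream can supply.
 * Returns bytes written to `out`, or -1 if the stream is truncated,
 * contains a zero-length run, or would overflow `out`. */
long rle_decode_checked(const uint8_t *packed, size_t packed_len,
                        uint8_t *out, size_t out_len)
{
    size_t in = 0, o = 0;
    while (o < out_len) {
        /* A run needs two input bytes: check the raw bound before reading. */
        if (packed_len - in < 2)
            return -1;                  /* truncated run: stop at rle raw size */
        size_t count = packed[in];
        uint8_t value = packed[in + 1];
        in += 2;
        if (count == 0 || count > out_len - o)
            return -1;                  /* malformed run or output overflow */
        for (size_t k = 0; k < count; k++)
            out[o++] = value;
    }
    return (long)o;
}

/* The shape of the defect the advisory describes, shown for contrast only:
 * the loop is driven by the expected output size and never compares the
 * input index against packed_len, so a header that promises more pixels
 * than the stream encodes walks past the end of the raw buffer. */
long rle_decode_unchecked(const uint8_t *packed, uint8_t *out, size_t out_len)
{
    size_t in = 0, o = 0;
    while (o < out_len) {
        size_t count = packed[in];      /* no check against the raw size */
        uint8_t value = packed[in + 1];
        in += 2;
        for (size_t k = 0; k < count && o < out_len; k++)
            out[o++] = value;
    }
    return (long)o;
}
```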
Fix
Memory Corruption
Weakness Enumeration
Related Identifiers
Affected Products
Debian
Linuxmint
Openexr
Red Os
Ubuntu