Source: libheif
Version: 1.20.2-2
Severity: important
Tags: security upstream
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>

Hi,

The following vulnerability was published for libheif.

CVE-2025-68431[0]:
| libheif is an HEIF and AVIF file format decoder and encoder. Prior
| to version 1.21.0, a crafted HEIF that exercises the overlay image
| item path triggers a heap buffer over-read in
| `HeifPixelImage::overlay()`. The function computes a negative row
| length (likely from an unclipped overlay rectangle or invalid
| offsets), which then underflows when converted to `size_t` and is
| passed to `memcpy`, causing a very large read past the end of the
| source plane and a crash. Version 1.21.0 contains a patch. As a
| workaround, avoid decoding images using `iovl` overlay boxes.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2025-68431
    https://www.cve.org/CVERecord?id=CVE-2025-68431
[1] https://github.com/strukturag/libheif/security/advisories/GHSA-j87x-4gmq-cqfq
[2] https://github.com/strukturag/libheif/commit/b8c12a7b70f46c9516711a988483bed377b78d46

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
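The mechanism the advisory describes (a signed row length that goes negative when the overlay rectangle is not fully clipped, then wraps to a huge value on conversion to `size_t` before reaching `memcpy`) is easy to reproduce in isolation. The following is an added illustration, not libheif's code and not the code changed in the referenced commit: the plane type, the functions `row_len_right_clip_only`, `row_len_clipped`, `bytes_memcpy_would_read` and `safe_overlay`, and the sample 8x4 and 4x2 planes are all constructed for this example. It puts a minimal form of the vulnerable pattern (clipping only the right edge, so an offset past the destination border yields a negative length) beside a hardened version that clips both edges in 64-bit arithmetic, rejects an empty intersection, and keeps every `memcpy` inside both planes.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Minimal 8-bit image plane. Constructed for this example; not libheif's type. */
typedef struct {
    int width, height;   /* pixel dimensions */
    int stride;          /* bytes per row (>= width) */
    uint8_t *data;
} plane_t;

/* Vulnerable pattern (hypothetical, modelled on the advisory text): only the
 * right edge of the overlay is clipped against dst, so when off_x lies past
 * the right border the computed row length is negative. */
int row_len_right_clip_only(int dst_w, int src_w, int off_x) {
    int64_t x_end = (int64_t)off_x + src_w;
    if (x_end > dst_w) x_end = dst_w;
    return (int)(x_end - off_x);           /* negative when off_x > dst_w */
}

/* What memcpy would be handed: the negative int wraps to a huge size_t,
 * i.e. a read far past the end of the source plane. */
size_t bytes_memcpy_would_read(int dst_w, int src_w, int off_x) {
    return (size_t)row_len_right_clip_only(dst_w, src_w, off_x);
}

/* Hardened pattern: clip both edges, treat an empty intersection as "copy
 * nothing", and do the sum in 64 bits so off_x + src_w cannot overflow int.
 * Works for either axis (pass heights and off_y for rows). */
int row_len_clipped(int dst_w, int src_w, int off_x) {
    int64_t x_start = off_x < 0 ? 0 : off_x;
    int64_t x_end   = (int64_t)off_x + src_w;
    if (x_end > dst_w) x_end = dst_w;
    if (x_end <= x_start) return 0;        /* no overlap */
    return (int)(x_end - x_start);         /* 0 < result <= dst_w */
}

/* Overlay src onto dst at (off_x, off_y) using clipped extents on both axes.
 * Returns bytes copied, or -1 when a plane descriptor is itself inconsistent. */
long safe_overlay(plane_t *dst, const plane_t *src, int off_x, int off_y) {
    if (!dst->data || !src->data ||
        dst->width < 0 || dst->height < 0 || src->width < 0 || src->height < 0 ||
        dst->stride < dst->width || src->stride < src->width)
        return -1;

    int row_bytes = row_len_clipped(dst->width,  src->width,  off_x);
    int rows      = row_len_clipped(dst->height, src->height, off_y);
    if (row_bytes == 0 || rows == 0) return 0;

    /* Top-left of the clipped region in dst, and the matching start inside
     * src (non-zero only when the overlay hangs off the top/left edge). */
    int dst_x = off_x < 0 ? 0 : off_x;
    int dst_y = off_y < 0 ? 0 : off_y;
    int src_x = dst_x - off_x;
    int src_y = dst_y - off_y;

    long copied = 0;
    for (int r = 0; r < rows; r++) {
        memcpy(dst->data + (size_t)(dst_y + r) * dst->stride + dst_x,
               src->data + (size_t)(src_y + r) * src->stride + src_x,
               (size_t)row_bytes);
        copied += row_bytes;
    }
    return copied;
}

int main(void) {
    /* Constructed sample planes: 8x4 destination, 4x2 source filled with 0xAA. */
    uint8_t dst_buf[8 * 4] = {0};
    uint8_t src_buf[4 * 2];
    memset(src_buf, 0xAA, sizeof src_buf);
    plane_t dst = {8, 4, 8, dst_buf};
    plane_t src = {4, 2, 4, src_buf};

    printf("naive length for a 16px overlay at x=80 on a 64px row: %zu bytes\n",
           bytes_memcpy_would_read(64, 16, 80));
    printf("clipped length for the same input: %d bytes\n",
           row_len_clipped(64, 16, 80));
    printf("bytes copied for a 4x2 overlay at (6,1) onto 8x4: %ld\n",
           safe_overlay(&dst, &src, 6, 1));
    return 0;
}
```

The check worth carrying into real code is the one in `row_len_clipped`: compute both clipped edges, compare them before subtracting, and never let a signed intersection width reach a `size_t` parameter without that comparison. Whether libheif's actual fix takes this exact shape is not stated in this report; the referenced commit [2] is the authoritative change.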

