Skip to content

fix(libheif): CVE-2025-68431, CVE-2026-3949#6

Merged
Zeno-sole merged 1 commit into
masterfrom
fix/CVE-2025-43966-multi
Jun 2, 2026
Merged

fix(libheif): CVE-2025-68431, CVE-2026-3949#6
Zeno-sole merged 1 commit into
masterfrom
fix/CVE-2025-43966-multi

Conversation

@deepin-ci-robot

Copy link
Copy Markdown
Contributor

CVE 修复

CVE ID: CVE-2025-68431, CVE-2026-3949

漏洞描述:

  • CVE-2025-68431: Heap buffer over-read in HeifPixelImage::overlay() where a negative row length from an unclipped overlay rectangle underflows when converted to size_t and is passed to memcpy.
  • CVE-2026-3949: Out-of-bounds read in vvdec_push_data when processing vvdec data without proper boundary checks.

修复方案: Backport upstream patches

受影响版本: libheif < 1.19.6 (CVE-2025-68431), libheif < 1.21.0 (CVE-2026-3949)

当前版本: 1.18.1-1deepin1

验证状态: quilt 验证通过


NOT-AFFECTED CVEs:


Upstream:

Fix-Approach: backport
Generated-By: glm-5.1
Co-Authored-By: hudeng hudeng@deepin.org


Generated by AI

Fix heap buffer over-read in HeifPixelImage::overlay() and
out-of-bounds read in vvdec_push_data.

CVE-2025-43966, CVE-2025-43967, CVE-2026-3950: NOT-AFFECTED
- Vulnerable code does not exist in version 1.18.1
- image-items/iden.cc, image-items/grid.cc, sequences/track.cc not present

Upstream:
- strukturag/libheif@b8c12a7
- strukturag/libheif@b97c8b5

Generated-By: glm-5.1
Co-Authored-By: hudeng <hudeng@deepin.org>
@deepin-ci-robot

Copy link
Copy Markdown
Contributor Author

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign goldendeng for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@github-actions

Copy link
Copy Markdown

TAG Bot

TAG: 1.18.1-1deepin1
EXISTED: no
DISTRIBUTION: unstable

@hudeng-go

Copy link
Copy Markdown
Contributor

/integrate

@github-actions

Copy link
Copy Markdown

AutoIntegrationPr Bot
auto integrate with pr url: deepin-community/Repository-Integration#4084
PrNumber: 4084
PrBranch: auto-integration-26485615925

@Zeno-sole Zeno-sole merged commit bfa4382 into master Jun 2, 2026
7 of 10 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

cve CVE security fix generated-by-ai

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants