CVE-2025-29069
Published: April 3, 2025Last modified: June 6, 2025
Description
A heap buffer overflow vulnerability has been identified in the lcms2-2.16. The vulnerability exists in the UnrollChunkyBytes function in cmspack.c, which is responsible for handling color space transformations. NOTE: this is disputed by the Supplier because the finding identified a bug in a third-party calling program, not in lcms.
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 7.3 |
| Attack Vector | NETWORK |
| Attack complexity | LOW |
| Privileges required | NONE |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | LOW |
| Integrity impact | LOW |
| Availability impact | LOW |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L |
Notes
Not considered an issue in lcms2 but in the fuzzer. CVE rejection request is submitted to MITRE. On second thought, I'm marking this as affected, but with status unknown, so that in the unlikely chance that the CVE is not rejected, we don't lose it. If it is rejected, I hope the system will take care of handling it.
Status
| Product | Release | Package | Status |
|---|---|---|---|
| Alpaquita Linux | Stream | lcms2 | Unknown (2.16-r0) |