CVE-2025-31344

Name
CVE-2025-31344
Description
Heap-based Buffer Overflow vulnerability in openEuler giflib on Linux. This vulnerability is associated with program files gif2rgb.C. This issue affects giflib: through 5.2.2.
NVD Severity
medium
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
securities@openeuler.org https://gitee.com/src-openeuler/giflib/pulls/54
securities@openeuler.org https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1292
af854a3a-2127-422b-91ae-364da2661108 http://www.openwall.com/lists/oss-security/2025/04/07/3
af854a3a-2127-422b-91ae-364da2661108 http://www.openwall.com/lists/oss-security/2025/04/07/4
af854a3a-2127-422b-91ae-364da2661108 http://www.openwall.com/lists/oss-security/2025/04/07/5
af854a3a-2127-422b-91ae-364da2661108 http://www.openwall.com/lists/oss-security/2025/04/07/6
af854a3a-2127-422b-91ae-364da2661108 http://www.openwall.com/lists/oss-security/2025/04/08/1
af854a3a-2127-422b-91ae-364da2661108 http://www.openwall.com/lists/oss-security/2025/04/09/5
af854a3a-2127-422b-91ae-364da2661108 http://www.openwall.com/lists/oss-security/2025/04/09/7
af854a3a-2127-422b-91ae-364da2661108 http://www.openwall.com/lists/oss-security/2025/04/10/1

Match rules

CPE URI Source package Min version Max version
giflib >= 0 <= 5.2.2

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
giflib edge-main 5.2.2-r1 Natanael Copa <ncopa@alpinelinux.org> fixed
giflib edge-main 5.2.2-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
giflib edge-main 5.2.1-r5 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
giflib edge-main 5.2.1-r4 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
giflib edge-main 5.2.1-r3 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
giflib edge-main 5.2.1-r2 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
giflib 3.23-main 5.2.2-r1 Natanael Copa <ncopa@alpinelinux.org> fixed
giflib 3.22-main 5.2.2-r1 Natanael Copa <ncopa@alpinelinux.org> fixed
giflib 3.22-main 5.2.2-r0 None possibly vulnerable
giflib 3.22-main 5.2.1-r2 None possibly vulnerable
giflib 3.21-main 5.2.2-r1 Natanael Copa <ncopa@alpinelinux.org> fixed
giflib 3.21-main 5.2.2-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
giflib 3.21-main 5.2.1-r2 None possibly vulnerable
giflib 3.20-main 5.2.2-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
giflib 3.20-main 5.2.1-r2 None possibly vulnerable
giflib 3.19-main 5.2.2-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
giflib 3.19-main 5.2.1-r5 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
giflib 3.19-main 5.2.1-r2 None possibly vulnerable