CVE-2025-48175

Name

CVE-2025-48175

Description

In libavif before 1.3.0, avifImageRGBToYUV in reformat.c has integer overflows in multiplications involving rgbRowBytes, yRowBytes, uRowBytes, and vRowBytes.

NVD Severity

medium

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

References

Type	URI
cve@mitre.org	https://github.com/AOMediaCodec/libavif/commit/64d956ed5a602f78cebf29da023280944ee92efd
cve@mitre.org	https://github.com/AOMediaCodec/libavif/pull/2769
cve@mitre.org	https://github.com/AOMediaCodec/libavif/security/advisories/GHSA-762c-2538-h844

Match rules

CPE URI	Source package	Min version	Max version
	libavif	>= 0	< 1.3.0

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
libavif	edge-main	1.0.4-r0	Bart Ribbers <bribbers@disroot.org>	possibly vulnerable
libavif	edge-main	1.1.1-r0	Bart Ribbers <bribbers@disroot.org>	possibly vulnerable
libavif	edge-main	1.2.0-r0	Bart Ribbers <bribbers@disroot.org>	possibly vulnerable
libavif	edge-main	1.2.1-r0	Bart Ribbers <bribbers@disroot.org>	possibly vulnerable
libavif	edge-main	1.2.1-r1	Bart Ribbers <bribbers@disroot.org>	possibly vulnerable