NIXPKGS-2026-0236

GitHub issue published on 15 Feb 2026

Permalink CVE-2025-12474

updated 3 weeks ago by @LeSuisse Activity log

Created automatic suggestion 3 weeks, 4 days ago
@LeSuisse accepted 3 weeks ago
@LeSuisse published on GitHub 3 weeks ago

libjxl: Uninitialized memory read in decoder due to incorrect optimization in patch handling

A specially-crafted file can cause libjxl's decoder to read pixel data from uninitialized (but allocated) memory. This can be done by causing the decoder to reference an outside-image-bound area in a subsequent patches. An incorrect optimization causes the decoder to omit populating those areas.

References

https://github.com/libjxl/libjxl/pull/4495

Affected products

libjxl

=<0.11.1

Matching in nixpkgs

pkgs.libjxl

JPEG XL image format reference implementation

nixos-unstable 0.11.1
- nixpkgs-unstable 0.11.1
- nixos-unstable-small 0.11.1
nixos-25.11 0.11.1
- nixos-25.11-small 0.11.1
- nixpkgs-25.11-darwin 0.11.1

Package maintainers

@nh2 Niklas Hambüchen <mail@nh2.me>

Upstream issue: https://github.com/libjxl/libjxl/pull/4495
Upstream patch: https://github.com/libjxl/libjxl/commit/4523cf652f568f1fbb57bf9a10ae3caae785cd9f

Nixpkgs Security Tracker

Details of issue NIXPKGS-2026-0236

References

Affected products

Matching in nixpkgs

pkgs.libjxl

Package maintainers