Nixpkgs security tracker
Untriaged
Permalink
CVE-2026-3950
3.3 LOW
- CVSS version (CVSS): 3.1
- Attack Vector (AV): Local (L)
- Attack Complexity (AC): Low (L)
- Privileges Required (PR): Low (L)
- User Interaction (UI): None (N)
- Scope (S): Unchanged (U)
- Confidentiality (C): None (N)
- Integrity (I): None (N)
- Availability (A): Low (L)
- Exploit Code Maturity (E): Proof-of-Concept (P)
- Remediation Level (RL): Official Fix (O)
- Report Confidence (RC): Confirmed (C)
- Modified Attack Vector (MAV): Local (L)
- Modified Attack Complexity (MAC): Low (L)
- Modified Privileges Required (MPR): Low (L)
- Modified User Interaction (MUI): None (N)
- Modified Confidentiality (MC): None (N)
- Modified Scope (MS): Unchanged (U)
- Modified Integrity (MI): None (N)
- Modified Availability (MA): Low (L)
Activity log
- Created suggestion
strukturag libheif stsz/stts track.cc load out-of-bounds
A vulnerability was identified in strukturag libheif up to 1.21.2. This impacts the function Track::load of the file libheif/sequences/track.cc of the component stsz/stts. The manipulation leads to out-of-bounds read. The attack needs to be performed locally. The exploit is publicly available and might be used. Applying a patch is the recommended action to fix this issue. The patch available is inofficial and not approved yet.
References
-
VDB-350382 | strukturag libheif stsz/stts track.cc load out-of-bounds vdb-entrytechnical-description
-
-
Submit #766431 | strukturag libheif 1.21.2 Out-of-Bounds Read third-party-advisory
-
https://github.com/strukturag/libheif/issues/1715 issue-tracking
-
Affected products
libheif
- ==1.21.0
- ==1.21.1
- ==1.21.2
Package maintainers
-
@kuflierl Kennet Flierl <kuflierl@gmail.com>