Nixpkgs security tracker
Permalink
CVE-2026-3949
3.3 LOW
- CVSS version (CVSS): 3.1
- Attack Vector (AV): Local (L)
- Attack Complexity (AC): Low (L)
- Privileges Required (PR): Low (L)
- User Interaction (UI): None (N)
- Scope (S): Unchanged (U)
- Confidentiality (C): None (N)
- Integrity (I): None (N)
- Availability (A): Low (L)
- Exploit Code Maturity (E): Proof-of-Concept (P)
- Remediation Level (RL): Official Fix (O)
- Report Confidence (RC): Confirmed (C)
- Modified Attack Vector (MAV): Local (L)
- Modified Attack Complexity (MAC): Low (L)
- Modified Privileges Required (MPR): Low (L)
- Modified User Interaction (MUI): None (N)
- Modified Confidentiality (MC): None (N)
- Modified Scope (MS): Unchanged (U)
- Modified Integrity (MI): None (N)
- Modified Availability (MA): Low (L)
by @LeSuisse Activity log
- Created suggestion
- @LeSuisse accepted
- @LeSuisse published on GitHub
strukturag libheif HEIF File decoder_vvdec.cc vvdec_push_data2 out-of-bounds
A vulnerability was determined in strukturag libheif up to 1.21.2. This affects the function vvdec_push_data2 of the file libheif/plugins/decoder_vvdec.cc of the component HEIF File Parser. Executing a manipulation of the argument size can lead to out-of-bounds read. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. This patch is called b97c8b5f198b27f375127cd597a35f2113544d03. It is advisable to implement a patch to correct this issue.
References
-
VDB-350381 | strukturag libheif HEIF File decoder_vvdec.cc vvdec_push_data2 out-of-bounds vdb-entrytechnical-description
-
-
Submit #765979 | strukturag libheif 1.21.2 Out-of-Bounds Read third-party-advisory
-
https://github.com/strukturag/libheif/issues/1712 issue-tracking
Affected products
libheif
- ==1.21.0
- ==1.21.1
- ==1.21.2
Package maintainers
-
@kuflierl Kennet Flierl <kuflierl@gmail.com>