UbuntuUpdates.org

Bugs fixes in "libheif"

Origin Bug number Title Date fixed
CVE CVE-2026-32738 libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 792-byte HEIF sequence file with samples_per_chun 2026-06-18
CVE CVE-2026-41071 libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, a crafted HEIF sequence file where the saiz box declares mo 2026-06-18
CVE CVE-2026-41069 libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, a malformed HEIF sequence file can trigger an out-of-bounds 2026-06-18
CVE CVE-2026-3950 A vulnerability was identified in strukturag libheif up to 1.21.2. This impacts the function Track::load of the file libheif/sequences/track.cc of th 2026-06-18
CVE CVE-2026-32882 libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap buffer over-read in HeifPixelImage::overlay() in 2026-06-18
CVE CVE-2026-32814 libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, when decoding a HEIF grid image with strict_decoding=false 2026-06-18
CVE CVE-2026-32741 libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and below contain a heap buffer overflow in MaskImageCodec::decode_mask_i 2026-06-18
CVE CVE-2026-32740 libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow (write) vulnerability in the gri 2026-06-18
CVE CVE-2026-32739 libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 800-byte HEIF sequence file causes an infinite lo 2026-06-18
CVE CVE-2026-32738 libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 792-byte HEIF sequence file with samples_per_chun 2026-06-18
Launchpad 2142762 [SRU] Demote libde265 to Suggests 2026-05-06
Launchpad 2142762 [SRU] Demote libde265 to Suggests 2026-05-06
Launchpad 2142762 [SRU] Demote libde265 to Suggests 2026-03-26
Launchpad 2142762 [SRU] Demote libde265 to Suggests 2026-03-26
CVE CVE-2025-68431 libheif is an HEIF and AVIF file format decoder and encoder. Prior to version 1.21.0, a crafted HEIF that exercises the overlay image item path trigg 2026-01-12
CVE CVE-2024-25269 libheif <= 1.17.6 contains a memory leak in the function JpegEncoder::Encode. This flaw allows an attacker to cause a denial of service attack. 2026-01-12
CVE CVE-2025-68431 libheif is an HEIF and AVIF file format decoder and encoder. Prior to version 1.21.0, a crafted HEIF that exercises the overlay image item path trigg 2026-01-12
CVE CVE-2024-25269 libheif <= 1.17.6 contains a memory leak in the function JpegEncoder::Encode. This flaw allows an attacker to cause a denial of service attack. 2026-01-12
CVE CVE-2025-68431 libheif is an HEIF and AVIF file format decoder and encoder. Prior to version 1.21.0, a crafted HEIF that exercises the overlay image item path trigg 2026-01-12
CVE CVE-2025-68431 libheif is an HEIF and AVIF file format decoder and encoder. Prior to version 1.21.0, a crafted HEIF that exercises the overlay image item path trigg 2026-01-12



About   -   Send Feedback to @ubuntu_updates