SUSE-SU-2025:01572-1

Advisory lineage Upstream: 4 Downstream: 0

Upstream

CVE-2025-43961 CVE-2025-43962 CVE-2025-43963 CVE-2025-43964

Published: 06 Jun 2025, 13:12

Last modified:04 Feb 2026, 04:09

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

06 Jun 2025, 13:12

Published

Vulnerability first disclosed

04 Feb 2026, 04:09

Last Modified

Vulnerability information updated

Description

Security update for libraw This update for libraw fixes the following issues: - CVE-2025-43961: Fixed out-of-bounds read in the Fujifilm 0xf00c tag parser in metadata/tiff.cpp (bsc#1241643) - CVE-2025-43962: Fixed out-of-bounds read when tag 0x412 processing in phase_one_correct function (bsc#1241585) - CVE-2025-43963: Fixed out-of-buffer access during phase_one_correct in decoders/load_mfbacks.cpp (bsc#1241642) - CVE-2025-43964: Fixed tag 0x412 processing in phase_one_correct does not enforce minimum w0 and w1 values (bsc#1241584)

Affected Systems

suse•libraw&distro=SUSE Linux Enterprise Module for Desktop Applications 15 SP7
< 0.21.1-150600.3.5.1
suse•libraw&distro=SUSE Linux Enterprise Module for Package Hub 15 SP7
< 0.21.1-150600.3.5.1
suse•libraw&distro=SUSE Linux Enterprise Workstation Extension 15 SP7
< 0.21.1-150600.3.5.1

SUSE-SU-2025:01572-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (9)