CVE-2025-29070

NameCVE-2025-29070
DescriptionA heap buffer overflow vulnerability has been identified in thesmooth2() in cmsgamma.c in lcms2-2.16 which allows a remote attacker to cause a denial of service. NOTE: the Supplier disputes this because "this is not exploitable as this function is never called on normal color management, is there only as a helper for low-level programming and investigation."
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
lcms2 (PTS)bullseye2.12~rc1-2vulnerable
bookworm2.14-2vulnerable
sid, trixie2.16-2vulnerable

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
lcms2source(unstable)(unfixed)unimportant

Notes

https://github.com/mm2/Little-CMS/issues/475
Fixed by: https://github.com/mm2/Little-CMS/commit/ec399d6879184e92a88c9099c60573f35e82e28b
Negligible security impact, affected fuction never called on normal color managment

Search for package or bug name: Reporting problems