CVE-2025-48175 identifies an integer overflow vulnerability in the libavif library, a widely used open-source implementation for encoding and decoding AVIF image format. The vulnerability exists in the avifImageRGBToYUV function within reformat.c, where integer multiplications involving rgbRowBytes, yRowBytes, uRowBytes, and vRowBytes can overflow. These variables represent the byte sizes of image rows in RGB and YUV color spaces. An integer overflow here can cause incorrect memory allocation or buffer size calculations, leading to potential buffer overflows or memory corruption. This can compromise the integrity and availability of applications processing AVIF images. The CVSS 3.1 score of 4.5 reflects a medium severity with local attack vector, high attack complexity, no privileges required, no user interaction, and a scope change indicating impact beyond the vulnerable component. No known public exploits or patches are currently available, indicating the vulnerability is newly disclosed. The flaw primarily threatens applications that decode or reformat AVIF images using vulnerable libavif versions prior to 1.3.0. Attackers with local access could craft malicious AVIF images to trigger the overflow, potentially causing crashes or arbitrary code execution depending on the application context. Given the widespread adoption of AVIF in web browsers, media players, and image processing tools, this vulnerability could have broad implications once exploited.

For European organizations, the vulnerability poses risks primarily to software and services that incorporate libavif for AVIF image processing, including web browsers, content management systems, media editing tools, and image viewers. Exploitation could lead to denial of service or integrity violations through memory corruption, potentially disrupting business operations or compromising data integrity. Industries such as digital media, publishing, advertising, and software development are particularly at risk. Since exploitation requires local access and has high complexity, remote attacks are less likely without additional vulnerabilities. However, supply chain risks exist if malicious AVIF images are processed automatically in enterprise environments. The impact on confidentiality is minimal, but integrity and availability could be affected. Organizations relying on open-source multimedia libraries should prioritize vulnerability assessments and patch management to prevent exploitation. The absence of known exploits reduces immediate risk but does not eliminate the need for proactive mitigation.

1. Monitor official libavif repositories and vendor advisories for the release of version 1.3.0 or later that addresses this vulnerability. 2. Plan and execute timely updates to libavif in all affected software and systems once patches are available. 3. Conduct code audits and testing of image processing components to detect unsafe handling of AVIF images, focusing on input validation and memory management. 4. Implement strict input validation and sandboxing for image processing workflows to limit the impact of malformed AVIF files. 5. Restrict local access to systems processing AVIF images to trusted users and environments to reduce attack surface. 6. Employ runtime protections such as Address Space Layout Randomization (ASLR) and Data Execution Prevention (DEP) to mitigate exploitation impact. 7. Educate developers and system administrators about the risks associated with integer overflows and secure coding practices in multimedia processing. 8. Review and update incident response plans to include scenarios involving image processing vulnerabilities.