
CVE-2025-7345: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') in Red Hat Red Hat Enterprise Linux 10

Severity: High
Type: Vulnerability
Published: Tue Jul 08 2025 (07/08/2025, 13:39:07 UTC)
Source: CVE Database V5
Vendor/Project: Red Hat
Product: Red Hat Enterprise Linux 10

Description

A flaw exists in gdk‑pixbuf within the gdk_pixbuf__jpeg_image_load_increment function (io-jpeg.c) and in glib’s g_base64_encode_step (glib/gbase64.c). When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory, potentially causing application crashes or arbitrary code execution.

AI-Powered Analysis

Last updated: 09/04/2025, 00:51:37 UTC

Technical Analysis

CVE-2025-7345 is a high-severity vulnerability identified in Red Hat Enterprise Linux 10, specifically within the gdk-pixbuf library and the GLib library. The flaw arises in the gdk_pixbuf__jpeg_image_load_increment function (located in io-jpeg.c) and the g_base64_encode_step function (located in glib/gbase64.c). The vulnerability is a classic heap-based buffer overflow triggered when processing maliciously crafted JPEG images. During the Base64 encoding process, the code fails to properly check the size of the input buffer before copying data, leading to out-of-bounds reads from heap memory. This can cause application crashes or potentially allow an attacker to execute arbitrary code remotely without requiring any authentication or user interaction. The vulnerability has a CVSS v3.1 score of 7.5, indicating a high level of severity. The attack vector is network-based (AV:N), with low attack complexity (AC:L), no privileges required (PR:N), and no user interaction needed (UI:N). The scope is unchanged (S:U), and the impact affects availability (A:H) but not confidentiality or integrity. Although no known exploits are currently reported in the wild, the nature of the vulnerability and its presence in a widely used Linux distribution make it a significant concern. The vulnerability affects core system libraries used for image processing and encoding, which are commonly leveraged by various applications and services on Red Hat Enterprise Linux 10 systems.

Potential Impact

For European organizations, this vulnerability poses a considerable risk, especially for those relying on Red Hat Enterprise Linux 10 in production environments. The heap buffer overflow can lead to denial-of-service conditions due to application crashes, disrupting critical services. More severely, the potential for arbitrary code execution could allow attackers to gain control over affected systems, leading to data breaches, lateral movement within networks, or deployment of ransomware and other malware. Given that no authentication or user interaction is required, exploitation could be automated and widespread if malicious JPEG images are processed by vulnerable applications exposed to network traffic. This is particularly concerning for sectors such as finance, government, healthcare, and critical infrastructure in Europe, where Red Hat Enterprise Linux is commonly deployed. The vulnerability could be exploited via web services, email gateways, or any system that processes user-supplied JPEG images, increasing the attack surface. The disruption or compromise of such systems could have cascading effects on business continuity, data privacy compliance (e.g., GDPR), and national security interests within Europe.

Mitigation Recommendations

European organizations should prioritize patching Red Hat Enterprise Linux 10 systems as soon as vendor updates become available, even though no patch links are currently provided. In the interim, organizations should implement the following specific mitigations:

1) Restrict or filter incoming network traffic to limit exposure of services that process JPEG images, especially those accessible from untrusted networks.
2) Employ application-layer filtering or sandboxing for image processing tasks to isolate potentially malicious inputs.
3) Monitor logs and system behavior for signs of crashes or anomalous activity related to image processing components.
4) Use intrusion detection/prevention systems (IDS/IPS) with updated signatures to detect attempts to exploit this vulnerability.
5) Review and harden configurations of applications that utilize gdk-pixbuf and GLib libraries to minimize unnecessary image processing or disable JPEG support if not required.
6) Educate security teams to recognize exploitation attempts involving malformed JPEG files.

These targeted actions, combined with prompt patching once available, will reduce the risk of successful exploitation.


Technical Details

Data Version: 5.1
Assigner Short Name: redhat
Date Reserved: 2025-07-08T06:13:05.999Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 686d23166f40f0eb72f5d541

Added to database: 7/8/2025, 1:54:30 PM

Last enriched: 9/4/2025, 12:51:37 AM

Last updated: 10/7/2025, 9:39:20 AM
