Red Hat Security Advisory: gdk-pixbuf2 security update
A heap buffer overflow vulnerability (CVE-2025-7345) was identified in the gdk-pixbuf2 image loading library used by GTK+ and clutter toolkits. This vulnerability affects Red Hat Enterprise Linux 7 Extended Lifecycle Support versions. Red Hat has issued a security advisory with a patch to address this issue. The vulnerability is rated as moderate in severity by Red Hat Product Security. The heap buffer overflow could potentially lead to memory corruption if exploited. The advisory provides updated packages to remediate the vulnerability.
AI Analysis
Technical Summary
The gdk-pixbuf2 packages, which provide an image loading library extensible by loadable modules for new image formats and are used by toolkits such as GTK+ and clutter, contain a heap buffer overflow vulnerability identified as CVE-2025-7345. This vulnerability could allow an attacker to cause memory corruption via crafted image data. Red Hat has released a security update for Red Hat Enterprise Linux 7 Extended Lifecycle Support to fix this issue. The advisory references updated packages version 2.36.12-4.el7_9 for multiple architectures. No CVSS score is provided in the advisory, but Red Hat rates the impact as moderate.
Potential Impact
The heap buffer overflow in gdk-pixbuf2 can lead to memory corruption, which may cause application crashes or potentially allow code execution depending on the context of use. The vulnerability affects Red Hat Enterprise Linux 7 Extended Lifecycle Support. No known exploits in the wild have been reported. The impact is rated moderate by Red Hat Product Security.
Mitigation Recommendations
Red Hat has released an official security update for gdk-pixbuf2 in Red Hat Enterprise Linux 7 Extended Lifecycle Support. Users should apply the updated packages (e.g., gdk-pixbuf2-2.36.12-4.el7_9) available from Red Hat to remediate this vulnerability. Refer to the Red Hat advisory RHSA-2025:14683 and the update instructions at https://access.redhat.com/articles/11258 for detailed guidance. No additional mitigation steps are indicated by the vendor.
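An added example, not part of the advisory or of Red Hat's tooling: a fleet check that flags hosts whose gdk-pixbuf2 build is older than the fixed 2.36.12-4.el7_9, using a reimplementation of rpm's version ordering. The inventory lines, host names and function names are constructed for illustration; epochs are ignored because plain `rpm -qa` output omits them.

```python
import re

FIXED = ("2.36.12", "4.el7_9")  # fixed version and release quoted on this page

def rpmvercmp(a, b):
    """Order two version or release strings as rpm does: -1, 0 or 1."""
    while a or b:
        # Separators carry no weight; '~' is kept because it sorts before anything.
        a, b = (re.sub(r"^[^A-Za-z0-9~]+", "", s) for s in (a, b))
        if a.startswith("~") or b.startswith("~"):
            if not (a.startswith("~") and b.startswith("~")):
                return -1 if a.startswith("~") else 1
            a, b = a[1:], b[1:]
            continue
        if not a or not b:
            break
        numeric = a[0].isdigit()
        pattern = r"[0-9]+" if numeric else r"[A-Za-z]+"
        seg_a, seg_b = re.match(pattern, a).group(0), re.match(pattern, b)
        if seg_b is None:  # segment types differ: digits rank above letters
            return 1 if numeric else -1
        seg_b = seg_b.group(0)
        a, b = a[len(seg_a):], b[len(seg_b):]
        key_a, key_b = (int(seg_a), int(seg_b)) if numeric else (seg_a, seg_b)
        if key_a != key_b:
            return 1 if key_a > key_b else -1
    return (a != "") - (b != "")  # whichever side has text left over is newer

def unpatched(inventory_lines):
    """Return (host, nvra) pairs whose gdk-pixbuf2 build predates the fix."""
    hits = []
    for line in inventory_lines:
        host, nvra = line.split()
        # name-version-release.arch: drop the arch, then split from the right
        name, version, release = nvra.rsplit(".", 1)[0].rsplit("-", 2)
        if name != "gdk-pixbuf2" and not name.startswith("gdk-pixbuf2-"):
            continue
        if (rpmvercmp(version, FIXED[0]) or rpmvercmp(release, FIXED[1])) < 0:
            hits.append((host, nvra))
    return hits

# Constructed inventory, one "<host> <rpm -qa line>" per entry
SAMPLE = [
    "web01 gdk-pixbuf2-2.36.12-3.el7.x86_64",
    "web02 gdk-pixbuf2-2.36.12-4.el7_9.x86_64",
    "build01 gdk-pixbuf2-devel-2.36.5-1.el7.i686",
    "web02 glib2-2.56.1-9.el7_9.x86_64",
]

if __name__ == "__main__":
    print(unpatched(SAMPLE))
```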
Technical Details
- Gcve Source: db.gcve.eu
- Csaf Category: csaf_security_advisory
- Csaf Version: 2.0
- Publisher: Red Hat Product Security
- Advisory Id: RHSA-2025:14683
- Cve Count: 1
- Additional Cves: []
- Cvss Version: null
Threat ID: 6a3cc29d4853345fc16d383f
Added to database: 06/25/2026, 05:54:37 UTC
Last enriched: 06/25/2026, 06:17:33 UTC
Last updated: 06/25/2026, 06:38:18 UTC