MGASA-2025-0076

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2025-0076.html

Import Source

https://advisories.mageia.org/MGASA-2025-0076.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2025-0076

Related

Published

2025-02-25T21:40:52Z

Modified

2025-02-25T21:11:35Z

Summary

Updated dcmtk packages fix security vulnerabilities

Details

A buffer overflow in DCMTK allows attackers to cause a Denial of Service (DoS) via a crafted DCM file (CVE-2025-25472). DCMTK was discovered to contain a buffer overflow via the component /dcmimgle/diinpxt.h (CVE-2025-25474). A NULL pointer dereference in the component /libsrc/dcrleccd.cc of DCMTK allows attackers to cause a Denial of Service (DoS) via a crafted DICOM file (CVE-2025-25475).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:9 / dcmtk

Package

Name: dcmtk
Purl: pkg:rpm/mageia/dcmtk?distro=mageia-9

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.6.7-4.4.mga9

Ecosystem specific

{
    "section": "core"
}