MGASA-2026-0247

Source
https://advisories.mageia.org/MGASA-2026-0247.html
Import Source
https://advisories.mageia.org/MGASA-2026-0247.json
JSON Data
https://api.osv.dev/v1/vulns/MGASA-2026-0247
Upstream
  • CVE-2026-47178
Published
2026-07-13T21:24:46Z
Modified
2026-07-13T21:30:06.035837680Z
Summary
Updated libheif packages fix security vulnerabilities
Details

libheif has a Heap OOB Read/SEGV Crash via Zero samplesperchunk. (CVE-2026-32738) libheif is Vulnerable to Infinite Loop DoS via stts Sample Duration Lookup. (CVE-2026-32739) Heap-Buffer-Overflow Write in Grid Tile Chroma Compositing. (CVE-2026-32740) libheif has a heap buffer overflow in decodemaskimage(). (CVE-2026-32741) Uninitialized Heap Memory Information Leak via Failed Grid Tiles. (CVE-2026-32814) Heap Buffer OOB Read in overlay compositing due to wrong alpha stride. (CVE-2026-32882) strukturag libheif stsz/stts track.cc load out-of-bounds. (CVE-2026-3950) libheif allows Out-of-bounds vector access leading to invalid dereference (DoS). (CVE-2026-41069) Heap buffer over-read in SampleAuxInfoReader via crafted HEIF sequence file with mismatched saiz sample count. (CVE-2026-41071) A critical heap-based buffer overflow vulnerability exists in libheif v1.21.2 (and likely earlier versions) within the handling of uncompressed HEIF images (ISO/IEC 23001-17, unci item type). When processing a tiled image with chroma subsampling (e.g., 4:2:0 or 4:2:2), the library fails to scale spatial offsets for the chroma planes. This leads to out-of-bounds memory writes when decoding any tile other than the top-left one, potentially resulting in remote code execution. (CVE-2026-47178) Wrapped icef compressed-unit range check causes out-of-bounds read in uncompressed HEIF decoder. (CVE-2026-49271)

References
Credits

Affected packages

Mageia:10 / libheif

Package

Name
libheif
Purl
pkg:rpm/mageia/libheif?arch=source&distro=mageia-10

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.20.2-3.1.mga10

Ecosystem specific

{
    "section": "core"
}

Database specific

source
"https://advisories.mageia.org/MGASA-2026-0247.json"

Mageia:10 / libheif

Package

Name
libheif
Purl
pkg:rpm/mageia/libheif?arch=source&distro=mageia-10

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.20.2-3.1.mga10.tainted

Ecosystem specific

{
    "section": "tainted"
}

Database specific

source
"https://advisories.mageia.org/MGASA-2026-0247.json"