Description

libheif is an HEIF and AVIF file format decoder and encoder. Prior to version 1.21.0, a crafted HEIF that exercises the overlay image item path triggers a heap buffer over-read in `HeifPixelImage::overlay()`. The function computes a negative row length (likely from an unclipped overlay rectangle or invalid offsets), which then underflows when converted to `size_t` and is passed to `memcpy`, causing a very large read past the end of the source plane and a crash. Version 1.21.0 contains a patch. As a workaround, avoid decoding images using `iovl` overlay boxes.

INFO

Published Date :

2025-12-29T19:09:54.628Z

Last Modified :

2025-12-30T22:26:20.374Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2025-68431 vulnerability.

Vendors Products
Struktur
  • Libheif
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-68431.

URL Resource
https://github.com/strukturag/libheif/commit/b8c12a7b70f46c9516711a988483bed377b78d46 cve-icon cve-icon
https://github.com/strukturag/libheif/releases/tag/v1.21.0 cve-icon cve-icon
https://github.com/strukturag/libheif/security/advisories/GHSA-j87x-4gmq-cqfq cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact