openexr-3.1.1-3.el9_7.2
エラータID: AXSA:2026-604:03
リリース日:
2026/05/12 Tuesday - 18:02
題名:
openexr-3.1.1-3.el9_7.2
影響のあるチャネル:
MIRACLE LINUX 9 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- OpenEXR には、整数オーバーフローに起因したメモリ領域の範囲外
アクセスの問題があるため、リモートの攻撃者により、任意のコード
の実行、および情報の漏洩を可能とする脆弱性が存在します。
(CVE-2026-34588)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2026-34588
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.1.0 to before 3.2.7, 3.3.9, and 3.4.9, internal_exr_undo_piz() advances the working wavelet pointer with signed 32-bit arithmetic. Because nx, ny, and wcount are int, a crafted EXR file can make this product overflow and wrap. The next channel then decodes from an incorrect address. The wavelet decode path operates in place, so this yields both out-of-bounds reads and out-of-bounds writes. This vulnerability is fixed in 3.2.7, 3.3.9, and 3.4.9.
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.1.0 to before 3.2.7, 3.3.9, and 3.4.9, internal_exr_undo_piz() advances the working wavelet pointer with signed 32-bit arithmetic. Because nx, ny, and wcount are int, a crafted EXR file can make this product overflow and wrap. The next channel then decodes from an incorrect address. The wavelet decode path operates in place, so this yields both out-of-bounds reads and out-of-bounds writes. This vulnerability is fixed in 3.2.7, 3.3.9, and 3.4.9.
追加情報:
N/A
ダウンロード:
SRPMS
- openexr-3.1.1-3.el9_7.2.src.rpm
MD5: dbe102e9b7d42ea5c9ef7ca9200ee981
SHA-256: f28ba061befe688be637e2d98c5cd70ad1a5fe30764a3d05f59dcb26df0f795f
Size: 24.20 MB
Asianux Server 9 for x86_64
- openexr-3.1.1-3.el9_7.2.x86_64.rpm
MD5: 28970bef566dde5e9e5530c2daabb7d1
SHA-256: 666590df52a0605123383667d5cf8e92c1d72ca62fbf90813d0a5cb17a76da24
Size: 115.16 kB - openexr-devel-3.1.1-3.el9_7.2.i686.rpm
MD5: 2aca53f2f754eb0eb4b46950e1654651
SHA-256: 763edcae2db9c99caf57eda4b696c250de5422692da6496062944fd3e206931b
Size: 169.14 kB - openexr-devel-3.1.1-3.el9_7.2.x86_64.rpm
MD5: 2b751a8427dc86694870968fdf524629
SHA-256: f54ab5c193c4533a3e3f93914ebfb66000c80cb98200e8d98d6534b1655c965f
Size: 169.23 kB - openexr-libs-3.1.1-3.el9_7.2.i686.rpm
MD5: 199acc8cb6384fb5cdb2280851be4040
SHA-256: 45f7261fe3f66638407f647cb3d71e5f8c502f78c771809f47462e5e02610e07
Size: 1.13 MB - openexr-libs-3.1.1-3.el9_7.2.x86_64.rpm
MD5: d0e36111336b389c828e215b80eace4a
SHA-256: 68e84b316ff0465f10ac4c4b6d1767f11c775734e79540b71e1e4d8f2c29ea37
Size: 1.07 MB
English