CVE-2025-59732

Published: Oct 6, 2025

Modified: Feb 26, 2026

PUBLISHED

Description

When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption that the height and width are divisible by 8. If the height or width of the image is not divisible by 8, the copy loops at [0] and [1] will continue to write until the next multiple of 8. The buffer td->uncompressed_data is allocated in decode_block based on the precise height and width of the image, so the "rounded-up" multiple of 8 in the copy loop can exceed the buffer bounds, and the write block starting at [2] can corrupt following heap memory. We recommend upgrading to version 8.0 or beyond.

Vendor	Product	Versions
FFmpeg	FFmpeg	affected `9a32b863074ed4140141e0d3613905c6f1fe61c5 - < 8.0` affected `7.1.1 - < 8.0`

Weaknesses (CWE)

CWE-787

References

https://issuetracker.google.com/436510316

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-59732

Description

Affected Products

Weaknesses (CWE)

References