Unrated severityNVD Advisory· Published Apr 20, 2025· Updated Nov 3, 2025
CVE-2025-43962
CVE-2025-43962
Description
In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp has out-of-bounds reads for tag 0x412 processing, related to large w0 or w1 values or the frac and mult calculations.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
11- osv-coords9 versionspkg:rpm/opensuse/libraw&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/libraw&distro=openSUSE%20Tumbleweedpkg:rpm/suse/libraw&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP6pkg:rpm/suse/libraw&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP7pkg:rpm/suse/libraw&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP6pkg:rpm/suse/libraw&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP7pkg:rpm/suse/libraw&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/libraw&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP6pkg:rpm/suse/libraw&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP7
< 0.21.1-150600.3.5.1+ 8 more
- (no CPE)range: < 0.21.1-150600.3.5.1
- (no CPE)range: < 0.21.4-1.1
- (no CPE)range: < 0.21.1-150600.3.5.1
- (no CPE)range: < 0.21.1-150600.3.5.1
- (no CPE)range: < 0.21.1-150600.3.5.1
- (no CPE)range: < 0.21.1-150600.3.5.1
- (no CPE)range: < 0.15.4-45.1
- (no CPE)range: < 0.21.1-150600.3.5.1
- (no CPE)range: < 0.18.9-150000.3.30.1
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.