{"id":"MGASA-2024-0352","summary":"Updated libheif packages fix security vulnerability","details":"In Libheif, insufficient checks in ImageOverlay::parse() while decoding a\nHEIF file containing an overlay image with forged offsets can lead to an\nout-of-bounds read and write. (CVE-2024-41311)\n","modified":"2026-04-16T00:12:20.621506898Z","published":"2024-11-09T05:17:41Z","upstream":["CVE-2024-41311"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2024-0352.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=33662"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-7082-1"}],"affected":[{"package":{"name":"libheif","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/libheif?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.16.2-1.2.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2024-0352.json"}},{"package":{"name":"libheif","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/libheif?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.16.2-1.2.mga9.tainted"}]}],"ecosystem_specific":{"section":"tainted"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2024-0352.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}