{"id":"USN-7924-1","summary":"libpng1.6 vulnerabilities","details":"It was discovered that libpng incorrectly handled memory when processing\ncertain PNG files, which could result in an out-of-bounds memory access.\nIf a user or automated system were tricked into opening a specially\ncrafted PNG file, an attacker could use this issue to cause libpng to\ncrash, resulting in a denial of service. (CVE-2025-64505)\n\nIt was discovered that libpng incorrectly handled memory when processing\n8-bit images through the simplified write API with 'convert_to_8bit'\nenabled, which could result in an out-of-bounds memory access. If a user\nor automated system were tricked into opening a specially crafted 8-bit\nPNG file, an attacker could use this issue to cause libpng to crash,\nresulting in a denial of service. (CVE-2025-64506)\n\nIt was discovered that libpng incorrectly handled memory when processing\npalette images with 'PNG_FLAG_OPTIMIZE_ALPHA' enabled, which could result\nin an out-of-bounds memory access. If a user or automated system were\ntricked into opening a specially crafted PNG file, an attacker could use\nthis issue to cause libpng to crash, resulting in a denial of service.\n(CVE-2025-64720)\n\nIt was discovered that libpng incorrectly handled memory when processing\n6-bit interlaced PNGs with 8-bit output format, which could result in an\nout-of-bounds memory access. If a user or automated system were tricked\ninto opening a specially crafted PNG file, an attacker could use this\nissue to cause libpng to crash, resulting in a denial of service.\n(CVE-2025-65018)","modified":"2026-05-20T16:06:17.271167839Z","published":"2025-12-11T05:26:40Z","related":["UBUNTU-CVE-2025-64505","UBUNTU-CVE-2025-64506","UBUNTU-CVE-2025-64720","UBUNTU-CVE-2025-65018"],"upstream":["UBUNTU-CVE-2025-64505","UBUNTU-CVE-2025-64506","UBUNTU-CVE-2025-64720","UBUNTU-CVE-2025-65018"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-7924-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-64505"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-64506"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-64720"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-65018"}],"affected":[{"package":{"name":"libpng1.6","ecosystem":"Ubuntu:Pro:16.04:LTS","purl":"pkg:deb/ubuntu/libpng1.6?arch=source&distro=esm-infra-legacy%2Fxenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.6.20-2ubuntu0.1~esm2"}]}],"versions":["1.6.20-2","1.6.20-2ubuntu0.1~esm1"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro with Legacy support add-on: https://ubuntu.com/pro","binaries":[{"binary_version":"1.6.20-2ubuntu0.1~esm2","binary_name":"libpng16-16"},{"binary_version":"1.6.20-2ubuntu0.1~esm2","binary_name":"libpng16-devtools"},{"binary_version":"1.6.20-2ubuntu0.1~esm2","binary_name":"libpng16-tools"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7924-1.json","cves_map":{"cves":[],"ecosystem":"Ubuntu:Pro:16.04:LTS"}}},{"package":{"name":"libpng1.6","ecosystem":"Ubuntu:Pro:18.04:LTS","purl":"pkg:deb/ubuntu/libpng1.6?arch=source&distro=esm-infra%2Fbionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.6.34-1ubuntu0.18.04.2+esm1"}]}],"versions":["1.6.34-1","1.6.34-1ubuntu0.18.04.1","1.6.34-1ubuntu0.18.04.2"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro","binaries":[{"binary_version":"1.6.34-1ubuntu0.18.04.2+esm1","binary_name":"libpng-tools"},{"binary_version":"1.6.34-1ubuntu0.18.04.2+esm1","binary_name":"libpng16-16"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7924-1.json","cves_map":{"cves":[{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-64505"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-64506"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-64720"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-65018"}],"ecosystem":"Ubuntu:Pro:18.04:LTS"}}},{"package":{"name":"libpng1.6","ecosystem":"Ubuntu:Pro:20.04:LTS","purl":"pkg:deb/ubuntu/libpng1.6?arch=source&distro=esm-infra%2Ffocal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.6.37-2ubuntu0.1~esm1"}]}],"versions":["1.6.37-1","1.6.37-2"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro","binaries":[{"binary_version":"1.6.37-2ubuntu0.1~esm1","binary_name":"libpng-tools"},{"binary_version":"1.6.37-2ubuntu0.1~esm1","binary_name":"libpng16-16"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7924-1.json","cves_map":{"cves":[{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-64505"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-64506"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-64720"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-65018"}],"ecosystem":"Ubuntu:Pro:20.04:LTS"}}},{"package":{"name":"libpng1.6","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/libpng1.6?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.6.37-3ubuntu0.1"}]}],"versions":["1.6.37-3build4","1.6.37-3build5"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_version":"1.6.37-3ubuntu0.1","binary_name":"libpng-tools"},{"binary_version":"1.6.37-3ubuntu0.1","binary_name":"libpng16-16"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7924-1.json","cves_map":{"cves":[{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-64505"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-64506"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-64720"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-65018"}],"ecosystem":"Ubuntu:22.04:LTS"}}},{"package":{"name":"libpng1.6","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/libpng1.6?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.6.43-5ubuntu0.1"}]}],"versions":["1.6.40-1","1.6.40-2","1.6.40-3","1.6.42-1","1.6.43-1","1.6.43-3","1.6.43-5build1"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_version":"1.6.43-5ubuntu0.1","binary_name":"libpng-tools"},{"binary_version":"1.6.43-5ubuntu0.1","binary_name":"libpng16-16t64"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7924-1.json","cves_map":{"cves":[{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-64505"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-64506"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-64720"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-65018"}],"ecosystem":"Ubuntu:24.04:LTS"}}},{"package":{"name":"libpng1.6","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/libpng1.6?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.6.50-1ubuntu0.1"}]}],"versions":["1.6.47-1.1","1.6.48-1","1.6.49-1~exp1","1.6.50-1~exp1","1.6.50-1"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_version":"1.6.50-1ubuntu0.1","binary_name":"libpng-tools"},{"binary_version":"1.6.50-1ubuntu0.1","binary_name":"libpng16-16t64"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7924-1.json","cves_map":{"cves":[{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-64505"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-64506"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-64720"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-65018"}],"ecosystem":"Ubuntu:25.10"}}}],"schema_version":"1.7.5"}