CVE-2025-47256 | Libxmp up to 4.6.2 Tracker Module loaders/prowizard/pha.c depack_pha integer underflow (ID 847)

Inserito da Angelo Barbosa | Mag 7, 2025 | CVE

A vulnerability was found in Libxmp up to 4.6.2. It has been classified as problematic. Affected is the function depack_pha of the file loaders/prowizard/pha.c of the component Tracker Module. The manipulation leads to integer underflow.

This vulnerability is traded as CVE-2025-47256. The attack needs to be approached locally. There is no exploit available.

CVE-2025-47256 | Libxmp up to 4.6.2 Tracker Module loaders/prowizard/pha.c depack_pha integer underflow (ID 847)

Post correlati

CVE-2024-41721 | FreeBSD bhyve out-of-bounds

CVE-2025-0143 | Zoom Workplace App/Meeting SDK/Video SDK up to 6.2.4 on Linux out-of-bounds write

CVE-2024-20293 | Cisco ASA/Firepower Threat Defense Software Inactive-to-Active ACL interpretation conflict (cisco-sa-asaftd-ogsnsg-aclbyp-3XB8q6jX)

CVE-2024-45292 | PHPOffice PhpSpreadsheet up to 1.29.1/2.1.0 javascript URL cross site scripting (GHSA-r8w8-74ww-j4wh)