CVE-2025-59728

EUVD-2025-32177
When calculating the content path in handling of MPEG-DASH manifests, there's an out-of-bounds NUL-byte write one byte past the end of the buffer. When we call xmlNodeGetContent below [0], it returns a buffer precisely allocated to match the string length, using strdup internally. If this buffer is not an empty string, it is assigned to root_url at [1]. If the last (non-NUL) byte in this buffer is not '/' then we append '/' in-place at [2]. This will write two bytes into the buffer, starting at the last valid byte in the buffer, writing the NUL byte beyond the end of the allocated buffer.
We recommend upgrading to version 8.0 or beyond.
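The arithmetic behind the one-byte overrun, next to a hardened append that grows the buffer first. This is an added example, not the affected project's code or its actual fix; `exact_copy` (a stand-in for the exact-fit buffer `xmlNodeGetContent` returns), `inplace_append_overrun`, `ensure_trailing_slash` and the sample URL are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Stand-in for xmlNodeGetContent(): a heap copy sized exactly strlen + 1. */
char *exact_copy(const char *s)
{
    size_t n = strlen(s) + 1;
    char *p = malloc(n);
    if (p)
        memcpy(p, s, n);
    return p;
}

/* Bytes an in-place append of "/" would write past an exact-fit buffer.
 * The '/' overwrites the terminator at index len (still in bounds); the
 * new terminator lands at index len + 1, outside the len + 1 bytes. */
size_t inplace_append_overrun(const char *content)
{
    size_t len = strlen(content);
    size_t allocated = len + 1;
    if (len == 0 || content[len - 1] == '/')
        return 0;                     /* nothing is appended */
    return (len + 2) - allocated;     /* the two-byte write ends at len + 2 */
}

/* Hardened form: grow the buffer before appending. Takes ownership of url;
 * returns the (possibly moved) buffer, or NULL on allocation failure. */
char *ensure_trailing_slash(char *url)
{
    size_t len;
    char *grown;
    if (!url)
        return NULL;
    len = strlen(url);
    if (len == 0 || url[len - 1] == '/')
        return url;
    grown = realloc(url, len + 2);    /* room for '/' and '\0' */
    if (!grown) {
        free(url);
        return NULL;
    }
    grown[len] = '/';
    grown[len + 1] = '\0';
    return grown;
}

int main(void)
{
    char *u = ensure_trailing_slash(exact_copy("http://example.test/media"));
    printf("overrun=%zu fixed=%s\n",
           inplace_append_overrun("http://example.test/media"), u ? u : "(null)");
    free(u);
    return 0;
}
```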
Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector
NIST | Primary
UNKNOWN
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
EPSS Score
Percentile: 5%
openSUSE / SLES Releases
openSUSE Product | Release | Status

libavcodec58_134
suse enterprise desktop 15 SP6 | 4.4.6-150600.13.33.1 | fixed
suse enterprise desktop 15 SP7 | 4.4.6-150600.13.33.1 | fixed
suse enterprise sap 15 SP6 | 4.4.6-150600.13.33.1 | fixed
suse enterprise sap 15 SP7 | 4.4.6-150600.13.33.1 | fixed
suse enterprise server 15 SP4 | 4.4.6-150400.3.55.1 | fixed
suse enterprise server 15 SP6 | 4.4.6-150600.13.33.1 | fixed
suse enterprise server 15 SP7 | 4.4.6-150600.13.33.1 | fixed
suse enterprise workstation 15 SP6 | 4.4.6-150600.13.33.1 | fixed
suse enterprise workstation 15 SP7 | 4.4.6-150600.13.33.1 | fixed

libavformat58_76
suse enterprise desktop 15 SP6 | 4.4.6-150600.13.33.1 | fixed
suse enterprise desktop 15 SP7 | 4.4.6-150600.13.33.1 | fixed
suse enterprise sap 15 SP6 | 4.4.6-150600.13.33.1 | fixed
suse enterprise sap 15 SP7 | 4.4.6-150600.13.33.1 | fixed
suse enterprise server 15 SP4 | 4.4.6-150400.3.55.1 | fixed
suse enterprise server 15 SP6 | 4.4.6-150600.13.33.1 | fixed
suse enterprise server 15 SP7 | 4.4.6-150600.13.33.1 | fixed
suse enterprise workstation 15 SP6 | 4.4.6-150600.13.33.1 | fixed
suse enterprise workstation 15 SP7 | 4.4.6-150600.13.33.1 | fixed

libavutil56_70
suse enterprise desktop 15 SP6 | 4.4.6-150600.13.33.1 | fixed
suse enterprise desktop 15 SP7 | 4.4.6-150600.13.33.1 | fixed
suse enterprise sap 15 SP6 | 4.4.6-150600.13.33.1 | fixed
suse enterprise sap 15 SP7 | 4.4.6-150600.13.33.1 | fixed
suse enterprise server 15 SP4 | 4.4.6-150400.3.55.1 | fixed
suse enterprise server 15 SP6 | 4.4.6-150600.13.33.1 | fixed
suse enterprise server 15 SP7 | 4.4.6-150600.13.33.1 | fixed
suse enterprise workstation 15 SP6 | 4.4.6-150600.13.33.1 | fixed
suse enterprise workstation 15 SP7 | 4.4.6-150600.13.33.1 | fixed

libpostproc55_9
suse enterprise server 15 SP4 | 4.4.6-150400.3.55.1 | fixed

libswresample3_9
suse enterprise desktop 15 SP6 | 4.4.6-150600.13.33.1 | fixed
suse enterprise desktop 15 SP7 | 4.4.6-150600.13.33.1 | fixed
suse enterprise sap 15 SP6 | 4.4.6-150600.13.33.1 | fixed
suse enterprise sap 15 SP7 | 4.4.6-150600.13.33.1 | fixed
suse enterprise server 15 SP4 | 4.4.6-150400.3.55.1 | fixed
suse enterprise server 15 SP6 | 4.4.6-150600.13.33.1 | fixed
suse enterprise server 15 SP7 | 4.4.6-150600.13.33.1 | fixed
suse enterprise workstation 15 SP6 | 4.4.6-150600.13.33.1 | fixed
suse enterprise workstation 15 SP7 | 4.4.6-150600.13.33.1 | fixed

libswscale5_9
suse enterprise desktop 15 SP6 | 4.4.6-150600.13.33.1 | fixed
suse enterprise desktop 15 SP7 | 4.4.6-150600.13.33.1 | fixed
suse enterprise sap 15 SP6 | 4.4.6-150600.13.33.1 | fixed
suse enterprise sap 15 SP7 | 4.4.6-150600.13.33.1 | fixed
suse enterprise server 15 SP4 | 4.4.6-150400.3.55.1 | fixed
suse enterprise server 15 SP6 | 4.4.6-150600.13.33.1 | fixed
suse enterprise server 15 SP7 | 4.4.6-150600.13.33.1 | fixed
suse enterprise workstation 15 SP6 | 4.4.6-150600.13.33.1 | fixed
suse enterprise workstation 15 SP7 | 4.4.6-150600.13.33.1 | fixed