SB2026050702 - SUSE update for openexr
Published: May 7, 2026
Description
This security bulletin contains information about 2 vulnerabilities.
1) Integer overflow (CVE-ID: CVE-2026-40244)
The vulnerability allows a remote attacker to corrupt heap memory.
The vulnerability exists due to an integer overflow in the pointer arithmetic of the DWA setupChannelData planarUncRle path when parsing a crafted EXR file. A remote attacker can supply a crafted DWAA/DWAB EXR file with large dimensions so that the computed offsets wrap, leading to heap memory corruption.
User interaction is required: the victim must open the crafted file. The affected path handles non-DCT channels (for example UINT or single-channel layouts), which is where the issue is triggered.
2) Integer overflow (CVE-ID: CVE-2026-40250)
The vulnerability allows a remote attacker to corrupt the heap.
The vulnerability exists due to integer overflow or wraparound in DwaCompressor_uncompress() in internal_dwa_compressor.h when parsing a crafted DWAA/DWAB EXR file. A remote attacker can trick the victim into opening a crafted file to corrupt the heap.
User interaction is required to open a crafted file.
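Both entries describe the same bug class: per-channel buffer sizes and offsets computed from file-controlled dimensions, where the arithmetic wraps and the decoder then writes past a too-small buffer. The following is an added example, not OpenEXR's code and not the affected setupChannelData or DwaCompressor_uncompress() routines; the function names, the header values and the 1 GiB cap are assumptions used to model the class of defect and the check that prevents it.

```c
#include <inttypes.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Illustrative model of dimension-derived size arithmetic in an image
 * decoder. Hypothetical names; this is not OpenEXR's own code.
 */

/* Naive size computation in 32 bits: the product wraps silently, so
 * attacker-chosen width/height can yield a tiny (even zero-byte) allocation
 * that is later filled with the full, unwrapped amount of data. */
uint32_t channel_bytes_naive(uint32_t width, uint32_t height, uint32_t bytes_per_sample)
{
    return width * height * bytes_per_sample;   /* wraps modulo 2^32 */
}

/* Checked computation: every multiplication is bounded against max_bytes
 * before it happens, so the result can neither wrap nor exceed the cap.
 * Returns false when the header must be rejected. */
bool channel_bytes_checked(uint64_t width, uint64_t height, uint64_t bytes_per_sample,
                           uint64_t max_bytes, uint64_t *out)
{
    if (width == 0 || height == 0 || bytes_per_sample == 0) {
        *out = 0;
        return true;
    }
    if (width > max_bytes / height)
        return false;                           /* width * height would exceed cap */
    uint64_t pixels = width * height;
    if (pixels > max_bytes / bytes_per_sample)
        return false;                           /* pixels * bps would exceed cap */
    *out = pixels * bytes_per_sample;
    return true;
}

/* Lays out nchan planar channels back to back and records each start offset.
 * The running total is checked before every addition, which is the pointer
 * arithmetic a decoder performs while advancing through its scratch buffer.
 * Returns false if any channel size or the total would exceed the cap. */
bool layout_channels(uint64_t width, uint64_t height, const uint32_t *bytes_per_sample,
                     size_t nchan, uint64_t max_bytes, uint64_t *offsets, uint64_t *total)
{
    uint64_t running = 0;
    for (size_t i = 0; i < nchan; i++) {
        uint64_t size;
        if (!channel_bytes_checked(width, height, bytes_per_sample[i], max_bytes, &size))
            return false;
        if (size > max_bytes - running)
            return false;                       /* running + size would exceed cap */
        offsets[i] = running;
        running += size;
    }
    *total = running;
    return true;
}

int main(void)
{
    /* Constructed header values, not taken from any real file. */
    const uint64_t cap = (uint64_t)1 << 30;     /* assumed decoder-wide limit of 1 GiB */

    /* 65536 x 65536 x 1 byte = 2^32, which wraps to 0 in 32-bit arithmetic. */
    printf("naive bytes for 65536x65536x1: %" PRIu32 "\n",
           channel_bytes_naive(65536u, 65536u, 1u));

    uint64_t out;
    printf("checked accepts 65536x65536x1: %s\n",
           channel_bytes_checked(65536, 65536, 1, cap, &out) ? "yes" : "no");

    uint32_t bps[2] = { 2, 4 };                 /* e.g. a 16-bit channel and a 32-bit channel */
    uint64_t offsets[2], total;
    if (layout_channels(1920, 1080, bps, 2, cap, offsets, &total))
        printf("1920x1080 layout: offsets %" PRIu64 ", %" PRIu64 "; total %" PRIu64 " bytes\n",
               offsets[0], offsets[1], total);
    return 0;
}
```

The cap should be derived from the file's declared data window and a decoder-wide policy, and the check must run before any allocation or pointer advance; validating after the fact does not help once a wrapped size has already been used.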
Remediation
Install the updated openexr packages from SUSE via the vendor's website.