OESA-2025-2073

See a problem?
Please try reporting it to the source first.
Source
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-2073
Import Source
https://repo.openeuler.org/security/data/osv/OESA-2025-2073.json
JSON Data
https://api.test.osv.dev/v1/vulns/OESA-2025-2073
Upstream
Published
2025-08-22T11:36:55Z
Modified
2025-08-22T12:16:03.468010Z
Summary
zvbi security update
Details

The ZVBI library provides functions to read from Linux V4L, V4L2 and FreeBSD BKTR raw VBI capture devices, from Linux DVB devices and from a VBI proxy to share V4L and V4L2 VBI devices between multiple applications. It can demodulate raw to sliced VBI data in software, with support for a wide range of formats, has functions to decode several popular services including Teletext and Closed Caption, a Teletext cache with search function, various text export and rendering functions.

Security Fix(es):

A vulnerability was found in libzvbi up to 0.2.43. It has been rated as problematic. Affected by this issue is the function vbistrndup_iconv. The manipulation leads to integer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 0.2.44 is able to address this issue. It is recommended to upgrade the affected component. The code maintainer was informed beforehand about the issues. She reacted very fast and highly professional.(CVE-2025-2175)

Database specific 
{
    "severity": "Medium"
}
References

Affected packages

openEuler:20.03-LTS-SP4 / zvbi

Package

Name
zvbi
Purl
pkg:rpm/openEuler/zvbi&distro=openEuler-20.03-LTS-SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.2.35-10.oe2003sp4

Ecosystem specific 

{
    "src": [
        "zvbi-0.2.35-10.oe2003sp4.src.rpm"
    ],
    "aarch64": [
        "zvbi-0.2.35-10.oe2003sp4.aarch64.rpm",
        "zvbi-debuginfo-0.2.35-10.oe2003sp4.aarch64.rpm",
        "zvbi-debugsource-0.2.35-10.oe2003sp4.aarch64.rpm",
        "zvbi-devel-0.2.35-10.oe2003sp4.aarch64.rpm",
        "zvbi-help-0.2.35-10.oe2003sp4.aarch64.rpm"
    ],
    "x86_64": [
        "zvbi-0.2.35-10.oe2003sp4.x86_64.rpm",
        "zvbi-debuginfo-0.2.35-10.oe2003sp4.x86_64.rpm",
        "zvbi-debugsource-0.2.35-10.oe2003sp4.x86_64.rpm",
        "zvbi-devel-0.2.35-10.oe2003sp4.x86_64.rpm",
        "zvbi-help-0.2.35-10.oe2003sp4.x86_64.rpm"
    ]
}