Skip to main content

Red Hat CVE-2026-34543

| EUVDEUVD-2026-18058 HIGH
Use of Uninitialized Resource (CWE-908)
2026-04-01 GitHub_M GHSA-vc68-257w-m432
8.7
CVSS 4.0 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
8.7 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
SUSE
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Red Hat
6.5 MEDIUM
qualitative

Primary rating from GitHub Advisory.

CVSS VectorGitHub Advisory

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

4
Patch released
Apr 04, 2026 - 02:30 nvd
Patch available
EUVD ID Assigned
Apr 01, 2026 - 21:15 euvd
EUVD-2026-18058
Analysis Generated
Apr 01, 2026 - 21:15 vuln.today
CVE Published
Apr 01, 2026 - 20:56 nvd
HIGH 8.7

DescriptionGitHub Advisory

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.8, sensitive information from heap memory may be leaked through the decoded pixel data (information disclosure). This occurs under default settings; simply reading a malicious EXR file is sufficient to trigger the issue, without any user interaction. This issue has been patched in version 3.4.8.

AnalysisAI

Heap memory disclosure in OpenEXR 3.4.0 through 3.4.7 allows remote attackers to extract sensitive information through decoded pixel data when processing malicious EXR image files. The vulnerability requires no authentication (PR:N) or user interaction (UI:N), triggering automatically during file parsing under default configurations. With CVSS 8.7 and high confidentiality impact (VC:H), this represents significant risk for applications processing untrusted EXR files. No public exploit identified at time of analysis, though the low attack complexity (AC:L) suggests straightforward exploitation once attack methods are documented.

Technical ContextAI

OpenEXR is the Academy Software Foundation's reference implementation for the EXR high-dynamic-range image format, widely used in visual effects and animation pipelines. This vulnerability stems from CWE-908 (Use of Uninitialized Resource), where the decoding process fails to properly initialize heap memory buffers before processing pixel data. When parsing specially crafted EXR files, uninitialized heap contents leak into the decoded image output, potentially exposing sensitive data from prior memory allocations. The affected component is the core OpenEXR library (cpe:2.3:a:academysoftwarefoundation:openexr) versions 3.4.0 through 3.4.7. The CVSS:4.0 vector indicates network-accessible attack surface with no complexity barriers, making this exploitable through common file-handling workflows like image processing services, content management systems, or automated media pipelines that accept EXR uploads.

RemediationAI

Vendor-released patch: version 3.4.8 fully resolves this vulnerability. Organizations should immediately upgrade all OpenEXR installations to version 3.4.8, available at https://github.com/AcademySoftwareFoundation/openexr/releases/tag/v3.4.8. The fix is implemented in commit 5f6d0aaa9e43802917af7db90f181e88e083d3b8 (https://github.com/AcademySoftwareFoundation/openexr/commit/5f6d0aaa9e43802917af7db90f181e88e083d3b8), which properly initializes heap buffers during pixel decoding. For environments unable to immediately upgrade, implement defense-in-depth controls: restrict EXR file processing to trusted sources only, isolate image processing workflows in sandboxed environments with limited access to sensitive data, and implement memory sanitization tools to detect information leaks. Review application logs for unexpected EXR processing activity and validate file sources before parsing.

Vendor StatusVendor

SUSE

Severity: High
Product Status
openSUSE Tumbleweed Fixed
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed
SUSE Linux Enterprise Module for Desktop Applications 15 SP7 Fixed
SUSE Linux Enterprise Server 15 SP7 Fixed

Share

CVE-2026-34543 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy