Skip to main content

Red Hat CVE-2026-34544

| EUVDEUVD-2026-18060 HIGH
Integer Overflow or Wraparound (CWE-190)
2026-04-01 GitHub_M GHSA-h762-rhv3-h25v
8.4
CVSS 4.0 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
8.4 HIGH
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
SUSE
7.3 HIGH
AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Red Hat
6.6 MEDIUM
qualitative

Primary rating from GitHub Advisory.

CVSS VectorGitHub Advisory

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
A
Scope
X

Lifecycle Timeline

4
Patch released
Apr 04, 2026 - 02:30 nvd
Patch available
EUVD ID Assigned
Apr 01, 2026 - 21:15 euvd
EUVD-2026-18060
Analysis Generated
Apr 01, 2026 - 21:15 vuln.today
CVE Published
Apr 01, 2026 - 20:55 nvd
HIGH 8.4

DescriptionGitHub Advisory

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.8, a crafted B44 or B44A EXR file can cause an out-of-bounds write in any application that decodes it via exr_decoding_run(). Consequences range from immediate crash (most likely) to corruption of adjacent heap allocations (layout-dependent). This issue has been patched in version 3.4.8.

AnalysisAI

Out-of-bounds heap write in OpenEXR 3.4.0-3.4.7 allows local attackers to crash applications or corrupt memory when processing malicious B44/B44A compressed EXR files. Attack requires user interaction to open a crafted image file. Patched in version 3.4.8. CVSS 8.4 (High) reflects local attack vector with no privileges required but mandatory user action. No confirmed active exploitation or public POC identified at time of analysis, though proof-of-concept development is feasible given the detailed GitHub advisory and commit.

Technical ContextAI

OpenEXR is the Academy Software Foundation's reference implementation for the EXR high-dynamic-range image format widely used in visual effects and animation pipelines. The vulnerability resides in exr_decoding_run(), the core decompression routine for B44 and B44A wavelet-based compression schemes. CWE-190 (Integer Overflow or Wraparound) indicates the root cause: arithmetic overflow during buffer size calculations leads to undersized heap allocation, causing subsequent write operations to exceed bounds. The affected component (cpe:2.3:a:academysoftwarefoundation:openexr) is a foundational library linked into image processing applications, video editing suites, and rendering pipelines across the media production ecosystem. The flaw exists in the C++ core library's decoding path, triggered during file parsing when chunk metadata specifies B44/B44A compression.

RemediationAI

Upgrade to OpenEXR version 3.4.8 or later, which contains the patched exr_decoding_run() implementation addressing the integer overflow condition (commit 35e7aa35e22c1975606be86e859f31cc1fc598ee). Downstream application vendors should rebuild against the fixed library and distribute updates. For environments unable to immediately upgrade, implement defense-in-depth controls: restrict EXR file processing to trusted sources only, deploy application sandboxing (containers, mandatory access control) to limit heap corruption impact, and enable memory safety mitigations (ASLR, DEP, heap hardening) at the OS level. Security advisory and release notes available at https://github.com/AcademySoftwareFoundation/openexr/releases/tag/v3.4.8. Organizations should inventory all software dependencies on OpenEXR (check build manifests, package managers, and bundled libraries) to ensure comprehensive remediation coverage across development, rendering farm, and production workstations.

Vendor StatusVendor

SUSE

Severity: High
Product Status
openSUSE Tumbleweed Fixed
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed
SUSE Linux Enterprise Module for Desktop Applications 15 SP7 Fixed
SUSE Linux Enterprise Server 15 SP7 Fixed

Share

CVE-2026-34544 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy