Overview
The vulnerability identified as CVE-2025-7345 is a serious flaw in gdk‑pixbuf and glib’s g_base64_encode_step. It affects any systems or applications that use these libraries for processing JPEG images and Base64 encoding. The criticality of this vulnerability lies in its potential to cause application crashes or arbitrary code execution, leading to system compromise or data leakage.
Vulnerability Summary
CVE ID: CVE-2025-7345
Severity: High (7.5 CVSS)
Attack Vector: Remote
Privileges Required: None
User Interaction: None
Impact: Potential system compromise and data leakage
Affected Products
Escape the Surveillance Era
Most apps won’t tell you the truth.
They’re part of the problem.
Phone numbers. Emails. Profiles. Logs.
It’s all fuel for surveillance.
Ameeba Chat gives you a way out.
- • No phone number
- • No email
- • No personal info
- • Anonymous aliases
- • End-to-end encrypted
Chat without a trace.
Product | Affected Versions
gdk‑pixbuf | All versions prior to patch
glib’s g_base64_encode_step | All versions prior to patch
How the Exploit Works
The vulnerability lies within the gdk_pixbuf__jpeg_image_load_increment function in gdk‑pixbuf and glib’s g_base64_encode_step in glib/gbase64.c. When these libraries process maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding. This allows out-of-bounds reads from heap memory, potentially leading to application crashes or arbitrary code execution.
Conceptual Example Code
A conceptual example of how this vulnerability might be exploited could involve sending a malicious JPEG image to a system or application that uses the affected libraries for image processing and Base64 encoding. This could be done through an HTTP POST request like this:
POST /upload/image HTTP/1.1
Host: target.example.com
Content-Type: image/jpeg
{ "image_data": "malicious_base64_encoded_jpeg_image" }In this example, “malicious_base64_encoded_jpeg_image” represents a crafted JPEG image that exploits the heap buffer overflow vulnerability.
