Red Hat Product Errata RHSA-2025:14138 - Security Advisory
Issued:
2025-08-20
Updated:
2025-08-20

RHSA-2025:14138 - Security Advisory

Synopsis

Moderate: libvpx security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for libvpx is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format.

Security Fix(es):

  • libvpx: Integer overflow in vpx_img_alloc() (CVE-2024-5197)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server - AUS 9.2 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2 s390x

Fixes

  • BZ - 2291198 - CVE-2024-5197 libvpx: Integer overflow in vpx_img_alloc()

Red Hat Enterprise Linux Server - AUS 9.2

SRPM
libvpx-1.9.0-7.el9_2.2.src.rpm SHA-256: a9a1fd29a59061e5b2aba97aabe51e7800dbe2f2820a8873b48cb465fa3d9b32
x86_64
libvpx-1.9.0-7.el9_2.2.i686.rpm SHA-256: bd5af48a7a06bb488aca17260a587728e5b08f1d4d7c80f61f6ebba2fce2ccc8
libvpx-1.9.0-7.el9_2.2.x86_64.rpm SHA-256: c9e217201cf565176893ac4368f9ed8326e7e53701928ca8944ddd3e4ebf9ca7
libvpx-debuginfo-1.9.0-7.el9_2.2.i686.rpm SHA-256: f836b302512687556dd662bbd51433584126563dd0dd0c320c5d02b683faaec9
libvpx-debuginfo-1.9.0-7.el9_2.2.x86_64.rpm SHA-256: 5e5f99952db6f70c0bee20f8166a439d42fc8a5161da600dadb1b310c4086050
libvpx-debugsource-1.9.0-7.el9_2.2.i686.rpm SHA-256: 34e3c027cc39a446f63a0a78e8e5ef02473ce5ae4478cf53ae5a326c8853a3fd
libvpx-debugsource-1.9.0-7.el9_2.2.x86_64.rpm SHA-256: 3beb29a35f1153a3be3ff7f7d58812ae82e5f4cecf3c538a0257eabc5ccd96c6
libvpx-utils-debuginfo-1.9.0-7.el9_2.2.i686.rpm SHA-256: 59520b81f267f42c62b61e112fc8ca31d69f31668b76845782e3ff4e64550bdb
libvpx-utils-debuginfo-1.9.0-7.el9_2.2.x86_64.rpm SHA-256: f54a873d7175e13aeb63970a1477d129de4fe956b02c225ce707eaaf920491a2

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2

SRPM
libvpx-1.9.0-7.el9_2.2.src.rpm SHA-256: a9a1fd29a59061e5b2aba97aabe51e7800dbe2f2820a8873b48cb465fa3d9b32
ppc64le
libvpx-1.9.0-7.el9_2.2.ppc64le.rpm SHA-256: 479fd5ba691bf3e1e7b583f8650c4b5f810c03b2735eb3ef65ab2821145fc8f7
libvpx-debuginfo-1.9.0-7.el9_2.2.ppc64le.rpm SHA-256: ccd5e49e0ef0d1b33cf98d58373b8dab83e8efa013d4e1408158dcd8b76febb6
libvpx-debugsource-1.9.0-7.el9_2.2.ppc64le.rpm SHA-256: 4dd89a4f7ae58478937d2ffcdcb1412e3f40174115adca98549228a2519d5c83
libvpx-utils-debuginfo-1.9.0-7.el9_2.2.ppc64le.rpm SHA-256: cd208cfb3054a0b7f2d30a1104021a9fb8bcda7b5e345867d161de2e3d4d9403

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2

SRPM
libvpx-1.9.0-7.el9_2.2.src.rpm SHA-256: a9a1fd29a59061e5b2aba97aabe51e7800dbe2f2820a8873b48cb465fa3d9b32
x86_64
libvpx-1.9.0-7.el9_2.2.i686.rpm SHA-256: bd5af48a7a06bb488aca17260a587728e5b08f1d4d7c80f61f6ebba2fce2ccc8
libvpx-1.9.0-7.el9_2.2.x86_64.rpm SHA-256: c9e217201cf565176893ac4368f9ed8326e7e53701928ca8944ddd3e4ebf9ca7
libvpx-debuginfo-1.9.0-7.el9_2.2.i686.rpm SHA-256: f836b302512687556dd662bbd51433584126563dd0dd0c320c5d02b683faaec9
libvpx-debuginfo-1.9.0-7.el9_2.2.x86_64.rpm SHA-256: 5e5f99952db6f70c0bee20f8166a439d42fc8a5161da600dadb1b310c4086050
libvpx-debugsource-1.9.0-7.el9_2.2.i686.rpm SHA-256: 34e3c027cc39a446f63a0a78e8e5ef02473ce5ae4478cf53ae5a326c8853a3fd
libvpx-debugsource-1.9.0-7.el9_2.2.x86_64.rpm SHA-256: 3beb29a35f1153a3be3ff7f7d58812ae82e5f4cecf3c538a0257eabc5ccd96c6
libvpx-utils-debuginfo-1.9.0-7.el9_2.2.i686.rpm SHA-256: 59520b81f267f42c62b61e112fc8ca31d69f31668b76845782e3ff4e64550bdb
libvpx-utils-debuginfo-1.9.0-7.el9_2.2.x86_64.rpm SHA-256: f54a873d7175e13aeb63970a1477d129de4fe956b02c225ce707eaaf920491a2

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2

SRPM
libvpx-1.9.0-7.el9_2.2.src.rpm SHA-256: a9a1fd29a59061e5b2aba97aabe51e7800dbe2f2820a8873b48cb465fa3d9b32
aarch64
libvpx-1.9.0-7.el9_2.2.aarch64.rpm SHA-256: f55397a4fe471a9aa53776f0a28d218b4eef9ab068ebf3ffad008d8e532e379c
libvpx-debuginfo-1.9.0-7.el9_2.2.aarch64.rpm SHA-256: 34eb9a2078bbb2050d23972e89b918ba34c5b8918dea9f25daa54830fbdcad28
libvpx-debugsource-1.9.0-7.el9_2.2.aarch64.rpm SHA-256: b08ca97dc47b299ba3ffaa7e40a78fce9a1fb19db887e3355ed70c9d4804628a
libvpx-utils-debuginfo-1.9.0-7.el9_2.2.aarch64.rpm SHA-256: 621bc66d837eaf2fd5192e32314fcce6ac1ffbaab06008859d9e7f15379331c1

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2

SRPM
libvpx-1.9.0-7.el9_2.2.src.rpm SHA-256: a9a1fd29a59061e5b2aba97aabe51e7800dbe2f2820a8873b48cb465fa3d9b32
s390x
libvpx-1.9.0-7.el9_2.2.s390x.rpm SHA-256: eea69724ad24fc7da0f6b2bc05a1f40e32d04d995083b74583a4fb7438fd2266
libvpx-debuginfo-1.9.0-7.el9_2.2.s390x.rpm SHA-256: 40f02cd7f7db779ee5ffc05b0f145c4433c54e4ebdf10d88263bfefe52924b09
libvpx-debugsource-1.9.0-7.el9_2.2.s390x.rpm SHA-256: adfebad55a5d8590c2fc1b90ec41bb132bdff08395f150f6095494206523761f
libvpx-utils-debuginfo-1.9.0-7.el9_2.2.s390x.rpm SHA-256: a444c8d4f118aaace0ab5b64a92abc07785839c79668160f90e4010453e2498c

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.