Red Hat Product Errata RHSA-2025:9123 - Security Advisory
Issued:
2025-06-16
Updated:
2025-06-16

RHSA-2025:9123 - Security Advisory

Synopsis

Important: libvpx security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for libvpx is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format.

Security Fix(es):

  • libvpx: Double-free in libvpx encoder (CVE-2025-5283)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server - AUS 9.2 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2 s390x

Fixes

  • BZ - 2368749 - CVE-2025-5283 libvpx: Double-free in libvpx encoder

Red Hat Enterprise Linux Server - AUS 9.2

SRPM
libvpx-1.9.0-7.el9_2.1.src.rpm SHA-256: 48367912a6f37cebef6b5834bfe7524082eb901af2ea0d9f879592bb5148778b
x86_64
libvpx-1.9.0-7.el9_2.1.i686.rpm SHA-256: 9d6853818e33ecffb5e836871f18065870f9bbbe28ddbd9072232c2e7d8a5e8c
libvpx-1.9.0-7.el9_2.1.x86_64.rpm SHA-256: 043dcd758ee10f11bc02e910df8be932163661836dc097bbe45e475980fa5124
libvpx-debuginfo-1.9.0-7.el9_2.1.i686.rpm SHA-256: 155180ac222de60270c45cc0535a8f5be4351928d7c27a64d574f36a7a1a4f5d
libvpx-debuginfo-1.9.0-7.el9_2.1.x86_64.rpm SHA-256: 3330780e5a6a8f62dbae773491a7293df5891ae727f441b9bb33fafa7346183a
libvpx-debugsource-1.9.0-7.el9_2.1.i686.rpm SHA-256: 964d9ef0b42d3e536ca94c1aa3f8c55d14fec99892a72d7021b32ab1e28a0052
libvpx-debugsource-1.9.0-7.el9_2.1.x86_64.rpm SHA-256: db0fd02872615cd17e42feca94178cdf66c5c56a32c61bfd4c127260cd7cde97
libvpx-utils-debuginfo-1.9.0-7.el9_2.1.i686.rpm SHA-256: 254d4d908b9cd1a21859a4d975fe19b0bee15c8cecfb7f16307d82e5de4d26cb
libvpx-utils-debuginfo-1.9.0-7.el9_2.1.x86_64.rpm SHA-256: 9f5297bce2f764111331968b396a39a31ebcb7b2d6d0b3eddab8b4004f9d27a1

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2

SRPM
libvpx-1.9.0-7.el9_2.1.src.rpm SHA-256: 48367912a6f37cebef6b5834bfe7524082eb901af2ea0d9f879592bb5148778b
ppc64le
libvpx-1.9.0-7.el9_2.1.ppc64le.rpm SHA-256: c4fe21a34bb6ef603821fb3af8b8848a4908dbda8d36ec5941b862c38bd7a84c
libvpx-debuginfo-1.9.0-7.el9_2.1.ppc64le.rpm SHA-256: bd40eaf59020af99ac4cc2b49ffcecef75fb5bb7cbd64d807952c3446d69feaa
libvpx-debugsource-1.9.0-7.el9_2.1.ppc64le.rpm SHA-256: 33611384d3d1ee3cbfd1cf1add0f5ad1f52af2c2b008947f9a9b98940171910c
libvpx-utils-debuginfo-1.9.0-7.el9_2.1.ppc64le.rpm SHA-256: 5de34b2bfb12156e9a9a1e4a129117c8bc86aed45aa6714b305c7efbd4aae0ab

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2

SRPM
libvpx-1.9.0-7.el9_2.1.src.rpm SHA-256: 48367912a6f37cebef6b5834bfe7524082eb901af2ea0d9f879592bb5148778b
x86_64
libvpx-1.9.0-7.el9_2.1.i686.rpm SHA-256: 9d6853818e33ecffb5e836871f18065870f9bbbe28ddbd9072232c2e7d8a5e8c
libvpx-1.9.0-7.el9_2.1.x86_64.rpm SHA-256: 043dcd758ee10f11bc02e910df8be932163661836dc097bbe45e475980fa5124
libvpx-debuginfo-1.9.0-7.el9_2.1.i686.rpm SHA-256: 155180ac222de60270c45cc0535a8f5be4351928d7c27a64d574f36a7a1a4f5d
libvpx-debuginfo-1.9.0-7.el9_2.1.x86_64.rpm SHA-256: 3330780e5a6a8f62dbae773491a7293df5891ae727f441b9bb33fafa7346183a
libvpx-debugsource-1.9.0-7.el9_2.1.i686.rpm SHA-256: 964d9ef0b42d3e536ca94c1aa3f8c55d14fec99892a72d7021b32ab1e28a0052
libvpx-debugsource-1.9.0-7.el9_2.1.x86_64.rpm SHA-256: db0fd02872615cd17e42feca94178cdf66c5c56a32c61bfd4c127260cd7cde97
libvpx-utils-debuginfo-1.9.0-7.el9_2.1.i686.rpm SHA-256: 254d4d908b9cd1a21859a4d975fe19b0bee15c8cecfb7f16307d82e5de4d26cb
libvpx-utils-debuginfo-1.9.0-7.el9_2.1.x86_64.rpm SHA-256: 9f5297bce2f764111331968b396a39a31ebcb7b2d6d0b3eddab8b4004f9d27a1

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2

SRPM
libvpx-1.9.0-7.el9_2.1.src.rpm SHA-256: 48367912a6f37cebef6b5834bfe7524082eb901af2ea0d9f879592bb5148778b
aarch64
libvpx-1.9.0-7.el9_2.1.aarch64.rpm SHA-256: 2964d21a0790ef698776206b9660e1fcac273b0a43c9863979177a8f5daaa9c0
libvpx-debuginfo-1.9.0-7.el9_2.1.aarch64.rpm SHA-256: 5e9394ebd6280f9fd3bb7cf0ec0d233a4fbb3c5456fa91c9b5245dc1ae061c54
libvpx-debugsource-1.9.0-7.el9_2.1.aarch64.rpm SHA-256: fc72b1858e860ddfaa40e650b74451150e104e719d1e5f42b2714ed58756164b
libvpx-utils-debuginfo-1.9.0-7.el9_2.1.aarch64.rpm SHA-256: 378df52c3325de0dbe727248cfcebd6e851fd8a175ba26503f9389710618b9dc

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2

SRPM
libvpx-1.9.0-7.el9_2.1.src.rpm SHA-256: 48367912a6f37cebef6b5834bfe7524082eb901af2ea0d9f879592bb5148778b
s390x
libvpx-1.9.0-7.el9_2.1.s390x.rpm SHA-256: 6c12ad0ce9bc3ee5a6cc2b7e13af382ff5dc3df36b61a49beb8261ee88d9ce72
libvpx-debuginfo-1.9.0-7.el9_2.1.s390x.rpm SHA-256: eb243a33fa9dbe68869fe38ebcbbd8e3cd5a60dff45ce7316031acce3e15c670
libvpx-debugsource-1.9.0-7.el9_2.1.s390x.rpm SHA-256: 766742b252a420f63f1852ddc392c2f3b88e773e554d43c3f63e6549a6673131
libvpx-utils-debuginfo-1.9.0-7.el9_2.1.s390x.rpm SHA-256: dd13c43240e6812cd5cec1e93e4dffbf7aa802bb9236ccb96657e77176d071e2

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.