Red Hat Product Errata RHSA-2025:9125 - Security Advisory
Issued:
2025-06-16
Updated:
2025-06-16

RHSA-2025:9125 - Security Advisory

Synopsis

Important: libvpx security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for libvpx is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format.

Security Fix(es):

  • libvpx: Double-free in libvpx encoder (CVE-2025-5283)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8 x86_64
  • Red Hat Enterprise Linux Server - TUS 8.8 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64

Fixes

  • BZ - 2368749 - CVE-2025-5283 libvpx: Double-free in libvpx encoder

Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8

SRPM
libvpx-1.7.0-10.el8_8.1.src.rpm SHA-256: 6fc3bcffe2a6b71c7436f8102ca385966b12211a8c364db648022fbcd368e3af
x86_64
libvpx-1.7.0-10.el8_8.1.i686.rpm SHA-256: 8a04198c495f4506eff998030d08fe85c896779983149e92f1e137eb4509ba43
libvpx-1.7.0-10.el8_8.1.x86_64.rpm SHA-256: 6e2672476c4d9d93ca33bcce0a4201a465c164d2e50367c7a4725b38f4139001
libvpx-debuginfo-1.7.0-10.el8_8.1.i686.rpm SHA-256: d8eef03d282a62bb3ca4c4118b156c8e45fa081653e509c21a231a506499d77e
libvpx-debuginfo-1.7.0-10.el8_8.1.x86_64.rpm SHA-256: 446c669c38c56b053a277ef70486a8ad712ac690f5d91313a90c2d051ccc1dba
libvpx-debugsource-1.7.0-10.el8_8.1.i686.rpm SHA-256: 1ae7f246a16678d58c0b9b825fde6024590435f1788333b5d3405a0f00e106b8
libvpx-debugsource-1.7.0-10.el8_8.1.x86_64.rpm SHA-256: 5a9ad2da292aa021566335ef5a4271333145befe35b12925c3bd15ca1cffbae7
libvpx-utils-debuginfo-1.7.0-10.el8_8.1.i686.rpm SHA-256: 898dd04a767c396045cdeeab07de4936259d3a4d84ff79e66d604fbe77e7642d
libvpx-utils-debuginfo-1.7.0-10.el8_8.1.x86_64.rpm SHA-256: ea78780bf23766db7837a46c7e426805b6761661df68415a6145105addadec32

Red Hat Enterprise Linux Server - TUS 8.8

SRPM
libvpx-1.7.0-10.el8_8.1.src.rpm SHA-256: 6fc3bcffe2a6b71c7436f8102ca385966b12211a8c364db648022fbcd368e3af
x86_64
libvpx-1.7.0-10.el8_8.1.i686.rpm SHA-256: 8a04198c495f4506eff998030d08fe85c896779983149e92f1e137eb4509ba43
libvpx-1.7.0-10.el8_8.1.x86_64.rpm SHA-256: 6e2672476c4d9d93ca33bcce0a4201a465c164d2e50367c7a4725b38f4139001
libvpx-debuginfo-1.7.0-10.el8_8.1.i686.rpm SHA-256: d8eef03d282a62bb3ca4c4118b156c8e45fa081653e509c21a231a506499d77e
libvpx-debuginfo-1.7.0-10.el8_8.1.x86_64.rpm SHA-256: 446c669c38c56b053a277ef70486a8ad712ac690f5d91313a90c2d051ccc1dba
libvpx-debugsource-1.7.0-10.el8_8.1.i686.rpm SHA-256: 1ae7f246a16678d58c0b9b825fde6024590435f1788333b5d3405a0f00e106b8
libvpx-debugsource-1.7.0-10.el8_8.1.x86_64.rpm SHA-256: 5a9ad2da292aa021566335ef5a4271333145befe35b12925c3bd15ca1cffbae7
libvpx-utils-debuginfo-1.7.0-10.el8_8.1.i686.rpm SHA-256: 898dd04a767c396045cdeeab07de4936259d3a4d84ff79e66d604fbe77e7642d
libvpx-utils-debuginfo-1.7.0-10.el8_8.1.x86_64.rpm SHA-256: ea78780bf23766db7837a46c7e426805b6761661df68415a6145105addadec32

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8

SRPM
libvpx-1.7.0-10.el8_8.1.src.rpm SHA-256: 6fc3bcffe2a6b71c7436f8102ca385966b12211a8c364db648022fbcd368e3af
ppc64le
libvpx-1.7.0-10.el8_8.1.ppc64le.rpm SHA-256: 776fe52f3ab28bbd108779a569ad492079747a914af11027f7894810a9c4943e
libvpx-debuginfo-1.7.0-10.el8_8.1.ppc64le.rpm SHA-256: 9731f4d600e4bfa0a9edcc5de267f15f785da0635aba966599d6a6b2242a954b
libvpx-debugsource-1.7.0-10.el8_8.1.ppc64le.rpm SHA-256: 61451630ab71cee4e08654802ad98681fac689f58570ccdbe773cf4bf590166e
libvpx-utils-debuginfo-1.7.0-10.el8_8.1.ppc64le.rpm SHA-256: 9b82cc6d19693c4e52c70ec6ebba52e79ea5e8a92bbfa11f981e96c4c3504086

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8

SRPM
libvpx-1.7.0-10.el8_8.1.src.rpm SHA-256: 6fc3bcffe2a6b71c7436f8102ca385966b12211a8c364db648022fbcd368e3af
x86_64
libvpx-1.7.0-10.el8_8.1.i686.rpm SHA-256: 8a04198c495f4506eff998030d08fe85c896779983149e92f1e137eb4509ba43
libvpx-1.7.0-10.el8_8.1.x86_64.rpm SHA-256: 6e2672476c4d9d93ca33bcce0a4201a465c164d2e50367c7a4725b38f4139001
libvpx-debuginfo-1.7.0-10.el8_8.1.i686.rpm SHA-256: d8eef03d282a62bb3ca4c4118b156c8e45fa081653e509c21a231a506499d77e
libvpx-debuginfo-1.7.0-10.el8_8.1.x86_64.rpm SHA-256: 446c669c38c56b053a277ef70486a8ad712ac690f5d91313a90c2d051ccc1dba
libvpx-debugsource-1.7.0-10.el8_8.1.i686.rpm SHA-256: 1ae7f246a16678d58c0b9b825fde6024590435f1788333b5d3405a0f00e106b8
libvpx-debugsource-1.7.0-10.el8_8.1.x86_64.rpm SHA-256: 5a9ad2da292aa021566335ef5a4271333145befe35b12925c3bd15ca1cffbae7
libvpx-utils-debuginfo-1.7.0-10.el8_8.1.i686.rpm SHA-256: 898dd04a767c396045cdeeab07de4936259d3a4d84ff79e66d604fbe77e7642d
libvpx-utils-debuginfo-1.7.0-10.el8_8.1.x86_64.rpm SHA-256: ea78780bf23766db7837a46c7e426805b6761661df68415a6145105addadec32

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.