Issued:: 2025-06-16
Updated:: 2025-06-16

RHSA-2025:9128 - Security Advisory

Overview
Updated Packages

Synopsis

Important: libvpx security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for libvpx is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format.

Security Fix(es):

libvpx: Double-free in libvpx encoder (CVE-2025-5283)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux Server - AUS 8.2 x86_64

Fixes

BZ - 2368749 - CVE-2025-5283 libvpx: Double-free in libvpx encoder

CVEs

CVE-2025-5283

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 8.2

SRPM
libvpx-1.7.0-8.el8_2.1.src.rpm	SHA-256: ab63eb6813fe017b79049685dff3b27cdaff40ef422b937f746e16dccf6b858e
x86_64
libvpx-1.7.0-8.el8_2.1.i686.rpm	SHA-256: c97df208afdb817b14f3e45c31c6c51787a54534f055acf0a56b24e547046163
libvpx-1.7.0-8.el8_2.1.x86_64.rpm	SHA-256: 5f27554a251429f29ed44893d0c8fca73569b8625e5e154a65305a2552407cd3
libvpx-debuginfo-1.7.0-8.el8_2.1.i686.rpm	SHA-256: 0f1db67a88077d0443c0aef67518e338bd12733b38f90ddc3d780982dfd524e7
libvpx-debuginfo-1.7.0-8.el8_2.1.x86_64.rpm	SHA-256: a8b817aa6135490b38a3f954dc0dbbf22c6cd27be1d42fb46fdcec0520effebc
libvpx-debugsource-1.7.0-8.el8_2.1.i686.rpm	SHA-256: ed99e87c3be1956191950b103a2e9f2abd3c9fe39887a4cd1edb7116c4120fcd
libvpx-debugsource-1.7.0-8.el8_2.1.x86_64.rpm	SHA-256: 06208ddcc4009ec6c91a1db1d7993e7f407f6a1cec5f4ce289d1905fc3cf6a40
libvpx-utils-debuginfo-1.7.0-8.el8_2.1.i686.rpm	SHA-256: b2644abb5936729aaec0ede121bd990a2b01004993f07f3470391a8e8b21bec2
libvpx-utils-debuginfo-1.7.0-8.el8_2.1.x86_64.rpm	SHA-256: 76551655e5ea552a3813abac2896b9024056c1929a6f6948be760dab2d9c1241

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation