CVE-2026-41254

描述

Little CMS (lcms2) through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication.

受影響套件(2)

• Alpine/lcms2from 0, < 2.19-r0
• Debian/lcms2from 0, < 2.12~rc1-2+deb11u1

CVSS 分數

參考連結(2)

• ADVISORYhttps://security.alpinelinux.org/vuln/CVE-2026-41254
• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2026-41254