CVE-2025-32468: 
Homebrew vulnerability analysis and mitigation

A memory corruption vulnerability (CVE-2025-32468) exists in the BMPv3 Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. The vulnerability was discovered by a member of Cisco Talos and publicly disclosed on August 25, 2025. When loading a specially crafted .bmp file, an integer overflow can occur when calculating the stride for decoding, which subsequently causes a heap-based buffer overflow during image decoding (Talos).

The vulnerability occurs in the bitmap decoding process when calculating buffer sizes. When processing a bitmap image, the library reads the header and uses the width and height values to calculate the buffer size needed for decoding. Due to both the number of bytes for a single row and the height being 32-bits, their product can result in an integer overflow, leading to an undersized buffer allocation. The vulnerability has been assigned a CVSS v3.1 score of 8.8 (HIGH) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. The vulnerability is classified as CWE-680 (Integer Overflow to Buffer Overflow) (Talos).

The vulnerability can lead to remote code execution under the context of the library. When exploited, the integer overflow results in a buffer overflow condition during image decoding, which can allow an attacker to execute arbitrary code. An attacker needs to convince the library to read a specially crafted malicious file to trigger this vulnerability (Talos).

The vulnerability was patched by the vendor on July 29, 2025. Users should update to a version newer than SAIL Image Decoding Library v0.9.8 to mitigate this vulnerability (Talos).