Wind River Support Network

HomeDefectsLIN1021-16499
Acknowledged

LIN1021-16499 : Security Advisory - poppler - CVE-2025-52886

Created: Jul 2, 2025    Updated: Aug 20, 2025
Found In Version: 10.21.20.1
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Userspace

Description

Poppler is a PDF rendering library. Versions prior to 25.06.0 use `std::atomic_int` for reference counting. Because `std::atomic_int` is only 32 bits, it is possible to overflow the reference count and trigger a use-after-free. Version 25.06.0 patches the issue.

CREATE(Triage):(User=lchen-cn) CVE-2025-52886 (https://nvd.nist.gov/vuln/detail/CVE-2025-52886)
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube