CVE-2024-25450

8.8 HIGH

📋 TL;DR

CVE-2024-25450 is a memory allocation vulnerability in imlib2 v1.9.1's init_imlib_fonts() function that could lead to denial of service or arbitrary code execution. This affects any application using the vulnerable imlib2 library for image processing, particularly feh image viewer and Enlightenment desktop environment components. Attackers could exploit this by tricking users into opening malicious image files.

💻 Affected Systems

Products:
  • imlib2
  • feh
  • Enlightenment desktop environment
  • Any application using imlib2 library
Versions: imlib2 v1.9.1 specifically
Operating Systems: Linux, BSD, Unix-like systems
Default Config Vulnerable: ⚠️ Yes
Notes: Any application linking against the vulnerable imlib2 library is affected regardless of configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Remote code execution with the privileges of the application using imlib2, potentially leading to full system compromise.

🟠 Likely Case

Application crash (denial of service) when processing specially crafted image files.

🟢 If Mitigated

Limited impact if applications run with minimal privileges and input validation is enforced.

🌐 Internet-Facing: MEDIUM - Exploitation requires user interaction to open malicious files, but web applications processing uploaded images could be vulnerable.
🏢 Internal Only: MEDIUM - Internal users could exploit via malicious files, but requires local access or social engineering.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires crafting malicious image files that trigger the memory allocation issue. No public exploit code has been identified.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: imlib2 v1.9.2 or later

Vendor Advisory: https://git.enlightenment.org/old/legacy-imlib2/issues/20

Restart Required: Yes

Instructions:

1. Check current imlib2 version: 'imlib2-config --version'
2. Update via package manager: 'sudo apt update && sudo apt upgrade imlib2' (Debian/Ubuntu) or 'sudo yum update imlib2' (RHEL/CentOS)
3. Restart affected applications or reboot system.

🔧 Temporary Workarounds

Disable font loading in imlib2

linux

Prevent imlib2 from loading fonts which may mitigate the vulnerability in init_imlib_fonts()

export IMLIB2_NO_FONTS=1

Run applications with reduced privileges

linux

Run affected applications with minimal permissions using sandboxing or privilege separation

firejail --noprofile application_name

🧯 If You Can't Patch

  • Restrict image file processing to trusted sources only
  • Implement application allowlisting to prevent execution of vulnerable imlib2-dependent applications

🔍 How to Verify

Check if Vulnerable:

Check imlib2 version: 'imlib2-config --version' or 'dpkg -l | grep imlib2' or 'rpm -q imlib2'. If version is 1.9.1, system is vulnerable.

Check Version:

imlib2-config --version

Verify Fix Applied:

Verify imlib2 version is 1.9.2 or later using same commands. Test with known safe image files to ensure functionality.
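
The version check described above, as an added example (not from the original advisory or the imlib2 project): a shell helper that strips distribution packaging decoration from a version string and classifies it against this page's statement that 1.9.1 is vulnerable and 1.9.2 or later is fixed. The function names and the sample version strings are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify an imlib2 version string per this page
# (1.9.1 = vulnerable, 1.9.2 or later = fixed).

# Reduce a package version to its upstream x.y.z part:
# drops a Debian epoch ("1:") and a package revision ("-1+b1", "-3.fc40").
upstream_version() {
    v=${1#*:}
    v=${v%%-*}
    printf '%s\n' "$v" | sed -n 's/^\([0-9][0-9]*\(\.[0-9][0-9]*\)*\).*/\1/p'
}

# Print -1, 0 or 1 for a < b, a = b, a > b; dotted fields compared numerically,
# so 1.12.3 sorts after 1.9.2 (a plain string compare would get this wrong).
version_cmp() {
    a=$1 b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        fa=${a%%.*}; fb=${b%%.*}
        [ "$a" = "$fa" ] && a= || a=${a#*.}
        [ "$b" = "$fb" ] && b= || b=${b#*.}
        fa=${fa:-0}; fb=${fb:-0}
        [ "$fa" -lt "$fb" ] && { echo -1; return; }
        [ "$fa" -gt "$fb" ] && { echo 1; return; }
    done
    echo 0
}

classify_imlib2() {
    up=$(upstream_version "$1")
    [ -n "$up" ] || { echo unknown; return; }
    if [ "$(version_cmp "$up" 1.9.1)" = 0 ]; then echo vulnerable
    elif [ "$(version_cmp "$up" 1.9.2)" != -1 ]; then echo fixed
    else echo not-listed   # older than 1.9.1: the page lists only 1.9.1
    fi
}

# Constructed sample version strings (not taken from a real system).
for s in "1.9.1" "1:1.9.1-1+b1" "1.9.2-3.fc40" "1.12.3" "1.7.4-1"; do
    printf '%-14s %s\n' "$s" "$(classify_imlib2 "$s")"
done

# Live check, only if the command named on this page is installed.
if command -v imlib2-config >/dev/null 2>&1; then
    live=$(imlib2-config --version)
    printf 'installed: %s -> %s\n' "$live" "$(classify_imlib2 "$live")"
fi
```

A distribution may backport a fix without changing the upstream version number, so treat a `vulnerable` result from a packaged build as a prompt to check that distribution's security tracker.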

📡 Detection & Monitoring

Log Indicators:

  • Application crashes with segmentation faults when processing image files
  • Memory allocation errors in application logs

Network Indicators:

  • Unusual image file uploads to web applications
  • Multiple failed image processing attempts

SIEM Query:

(process.name="feh" AND event.action="crash") OR (process.name contains "imlib2" AND event.action="segmentation fault")
