ELSA-2026-5320

ULN >
Oracle Linux Errata repository >
ELSA-2026-5320

ELSA-2026-5320 - libvpx security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2026-04-07

Description

[1.3.0-8.0.3]
- Fixes heap buffer overflow in libvpx CVE-2026-2447 [Orabug: 39112729]

[1.3.0-8.0.1]
- Fixes CVE-2025-5283 vpx_codec_enc_init_multi fix double free on init fail [Orabug: 38103810]

Related CVEs

CVE-2026-2447

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 7 (x86_64)	libvpx-1.3.0-8.0.3.el7.src.rpm	f123b9d2fe01991bc4c5f6a6eef03923f7d41dc2b26564358638018848fa0e72	-	ol7_x86_64_latest_ELS
	libvpx-1.3.0-8.0.3.el7.i686.rpm	c5b5e1ee049c3e4f875104bf3c21076df3219ecece49b499e791aefe9f46bc74	-	ol7_x86_64_latest_ELS
	libvpx-1.3.0-8.0.3.el7.x86_64.rpm	880c4181225490819ca1795caa37946e5c534b4626cd36e87273d8a9f5e3c796	-	ol7_x86_64_latest_ELS
	libvpx-devel-1.3.0-8.0.3.el7.i686.rpm	83022d4cc76e9dbe6ec8e3e229f4c57dac6d573b1fb5b7bdadc949c848dd03b1	-	ol7_x86_64_latest_ELS
	libvpx-devel-1.3.0-8.0.3.el7.x86_64.rpm	9a49eb4fdf5d087a5cf9822560dae330e2b598e6397ed01a19a9bad102fc4bfb	-	ol7_x86_64_latest_ELS
	libvpx-utils-1.3.0-8.0.3.el7.x86_64.rpm	9763f7fe877bce9a6160e811afa6aef9d2ff59287d6691b095693ea36e930283	-	ol7_x86_64_latest_ELS

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691