An error related to the "LibRaw::panasonic_load_raw()" function (dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash via a specially crafted TIFF image.
References
Link | Resource |
---|---|
https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt | Release Notes |
https://github.com/LibRaw/LibRaw/commit/f1394822a0152ceed77815eafa5cac4e8baab10a | Patch |
https://secuniaresearch.flexerasoftware.com/advisories/76000/ | Third Party Advisory |
https://secuniaresearch.flexerasoftware.com/secunia_research/2017-19/ | Third Party Advisory |
https://usn.ubuntu.com/3615-1/ | Third Party Advisory |
Configurations
History
No history.
Information
Published : 2018-12-07 22:29
Updated : 2024-02-28 16:48
NVD link : CVE-2017-16909
Mitre link : CVE-2017-16909
CVE.ORG link : CVE-2017-16909
JSON object : View
Products Affected
canonical
- ubuntu_linux
libraw
- libraw
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer