An error related to the "LibRaw::panasonic_load_raw()" function (dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash via a specially crafted TIFF image.
References
Link | Resource |
---|---|
https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt | Release Notes |
https://github.com/LibRaw/LibRaw/commit/f1394822a0152ceed77815eafa5cac4e8baab10a | Patch |
https://secuniaresearch.flexerasoftware.com/advisories/76000/ | Third Party Advisory |
https://secuniaresearch.flexerasoftware.com/secunia_research/2017-19/ | Third Party Advisory |
https://usn.ubuntu.com/3615-1/ | Third Party Advisory |
https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt | Release Notes |
https://github.com/LibRaw/LibRaw/commit/f1394822a0152ceed77815eafa5cac4e8baab10a | Patch |
https://secuniaresearch.flexerasoftware.com/advisories/76000/ | Third Party Advisory |
https://secuniaresearch.flexerasoftware.com/secunia_research/2017-19/ | Third Party Advisory |
https://usn.ubuntu.com/3615-1/ | Third Party Advisory |
Configurations
History
21 Nov 2024, 03:17
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt - Release Notes | |
References | () https://github.com/LibRaw/LibRaw/commit/f1394822a0152ceed77815eafa5cac4e8baab10a - Patch | |
References | () https://secuniaresearch.flexerasoftware.com/advisories/76000/ - Third Party Advisory | |
References | () https://secuniaresearch.flexerasoftware.com/secunia_research/2017-19/ - Third Party Advisory | |
References | () https://usn.ubuntu.com/3615-1/ - Third Party Advisory |
Information
Published : 2018-12-07 22:29
Updated : 2024-11-21 03:17
NVD link : CVE-2017-16909
Mitre link : CVE-2017-16909
CVE.ORG link : CVE-2017-16909
JSON object : View
Products Affected
canonical
- ubuntu_linux
libraw
- libraw
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer