Buffer Overflow vulnerability in LibRaw linux/unix v0.20.0 allows attacker to escalate privileges via the LibRaw_buffer_datastream::gets(char*, int) in /src/libraw/src/libraw_datastream.cpp.
References
Configurations
History
21 Nov 2024, 06:06
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/LibRaw/LibRaw/commit/bc3aaf4223fdb70d52d470dae65c5a7923ea2a49 - Patch | |
References | () https://github.com/LibRaw/LibRaw/issues/400 - Exploit, Issue Tracking | |
References | () https://github.com/gtt1995 - Not Applicable | |
References | () https://lists.debian.org/debian-lts-announce/2023/05/msg00025.html - | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5ICTVDRGBWGIFBTUWJLGX7QM5GWBWUG7/ - | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E7TEZ7CLRNYYQZJ5NJGZXK6YJU46WH2L/ - | |
References | () https://www.debian.org/security/2023/dsa-5412 - | |
References | () https://www.libraw.org/ - Product |
07 Nov 2023, 03:35
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
28 May 2023, 04:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
27 May 2023, 04:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2023-02-17 18:15
Updated : 2024-11-21 06:06
NVD link : CVE-2021-32142
Mitre link : CVE-2021-32142
CVE.ORG link : CVE-2021-32142
JSON object : View
Products Affected
libraw
- libraw
CWE
CWE-787
Out-of-bounds Write