CVE-2021-32142

Buffer Overflow vulnerability in LibRaw linux/unix v0.20.0 allows attacker to escalate privileges via the LibRaw_buffer_datastream::gets(char*, int) in /src/libraw/src/libraw_datastream.cpp.
Configurations

Configuration 1 (hide)

cpe:2.3:a:libraw:libraw:0.20.0:*:*:*:*:*:*:*

History

21 Nov 2024, 06:06

Type Values Removed Values Added
References () https://github.com/LibRaw/LibRaw/commit/bc3aaf4223fdb70d52d470dae65c5a7923ea2a49 - Patch () https://github.com/LibRaw/LibRaw/commit/bc3aaf4223fdb70d52d470dae65c5a7923ea2a49 - Patch
References () https://github.com/LibRaw/LibRaw/issues/400 - Exploit, Issue Tracking () https://github.com/LibRaw/LibRaw/issues/400 - Exploit, Issue Tracking
References () https://github.com/gtt1995 - Not Applicable () https://github.com/gtt1995 - Not Applicable
References () https://lists.debian.org/debian-lts-announce/2023/05/msg00025.html - () https://lists.debian.org/debian-lts-announce/2023/05/msg00025.html -
References () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5ICTVDRGBWGIFBTUWJLGX7QM5GWBWUG7/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5ICTVDRGBWGIFBTUWJLGX7QM5GWBWUG7/ -
References () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E7TEZ7CLRNYYQZJ5NJGZXK6YJU46WH2L/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E7TEZ7CLRNYYQZJ5NJGZXK6YJU46WH2L/ -
References () https://www.debian.org/security/2023/dsa-5412 - () https://www.debian.org/security/2023/dsa-5412 -
References () https://www.libraw.org/ - Product () https://www.libraw.org/ - Product

07 Nov 2023, 03:35

Type Values Removed Values Added
References
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5ICTVDRGBWGIFBTUWJLGX7QM5GWBWUG7/', 'name': 'FEDORA-2023-be842ba7fb', 'tags': [], 'refsource': 'FEDORA'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E7TEZ7CLRNYYQZJ5NJGZXK6YJU46WH2L/', 'name': 'FEDORA-2023-220878f1bf', 'tags': [], 'refsource': 'FEDORA'}
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5ICTVDRGBWGIFBTUWJLGX7QM5GWBWUG7/ -
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E7TEZ7CLRNYYQZJ5NJGZXK6YJU46WH2L/ -

28 May 2023, 04:15

Type Values Removed Values Added
References
  • (DEBIAN) https://www.debian.org/security/2023/dsa-5412 -

27 May 2023, 04:15

Type Values Removed Values Added
References
  • (MLIST) https://lists.debian.org/debian-lts-announce/2023/05/msg00025.html -

Information

Published : 2023-02-17 18:15

Updated : 2024-11-21 06:06


NVD link : CVE-2021-32142

Mitre link : CVE-2021-32142

CVE.ORG link : CVE-2021-32142


JSON object : View

Products Affected

libraw

  • libraw
CWE
CWE-787

Out-of-bounds Write