Описание
The phase_one_correct function in Libraw before 0.17.1 allows attackers to cause memory errors and possibly execute arbitrary code, related to memory object initialization.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| libraw | fixed | 0.17.1-1 | package | |
| libraw | fixed | 0.16.0-9+deb8u2 | jessie | package |
| libraw | not-affected | wheezy | package | |
| libraw | not-affected | squeeze | package | |
| dcraw | not-affected | package | ||
| kodi | not-affected | package | ||
| darktable | fixed | 2.0.0-1 | package | |
| darktable | not-affected | jessie | package | |
| darktable | not-affected | wheezy | package | |
| darktable | not-affected | squeeze | package | |
| ufraw | not-affected | package | ||
| rawtherapee | not-affected | package | ||
| exactimage | not-affected | package |
Примечания
Fixed by: https://github.com/LibRaw/LibRaw/commit/89d065424f09b788f443734d44857289489ca9e2
Introduced by: https://github.com/LibRaw/LibRaw/commit/7b1430c76a19c93f3cc755bb2ff9bda0ba9b4082 (0.15.0)
EPSS
Связанные уязвимости
The phase_one_correct function in Libraw before 0.17.1 allows attackers to cause memory errors and possibly execute arbitrary code, related to memory object initialization.
The phase_one_correct function in Libraw before 0.17.1 allows attackers to cause memory errors and possibly execute arbitrary code, related to memory object initialization.
The phase_one_correct function in Libraw before 0.17.1 allows attackers to cause memory errors and possibly execute arbitrary code, related to memory object initialization.
The phase_one_correct function in Libraw before 0.17.1 allows attackers to cause memory errors and possibly execute arbitrary code, related to memory object initialization.
EPSS