Описание
An error within the "leaf_hdr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a NULL pointer dereference.
A NULL pointer dereference vulnerability in internal/dcraw_common.cpp:leaf_hdr_load_raw() function was found in LibRaw. A user can cause a denial of service when processing specially-crafted RAW data.
Отчет
This issue did not affect the versions of dcraw as shipped with Red Hat Enterprise Linux 5 and 6 as they did not include the vulnerable code. This issue did not affect the versions of LibRaw as shipped with Red Hat Enterprise Linux 7 as they did not include the vulnerable code.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | dcraw | Not affected | ||
| Red Hat Enterprise Linux 6 | dcraw | Not affected | ||
| Red Hat Enterprise Linux 7 | dcraw | Will not fix | ||
| Red Hat Enterprise Linux 7 | LibRaw | Not affected | ||
| Red Hat Enterprise Linux 8 | dcraw | Will not fix | ||
| Red Hat Enterprise Linux 8 | LibRaw | Not affected | ||
| Red Hat Enterprise Linux 7 | libkdcraw | Fixed | RHSA-2018:3065 | 30.10.2018 |
Показывать по
Дополнительная информация
Статус:
EPSS
3.3 Low
CVSS3
Связанные уязвимости
An error within the "leaf_hdr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a NULL pointer dereference.
An error within the "leaf_hdr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a NULL pointer dereference.
An error within the "leaf_hdr_load_raw()" function (internal/dcraw_com ...
An error within the "leaf_hdr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a NULL pointer dereference.
Уязвимость функции leaf_hdr_load_raw() компонента internal/dcraw_common.cpp библиотеки для обработки изображений LibRaw, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
3.3 Low
CVSS3