Description
Security update for libraw
This update for libraw fixes the following issues:
- CVE-2025-43961: Fixed out-of-bounds read in the Fujifilm 0xf00c tag parser in metadata/tiff.cpp (bsc#1241643)
- CVE-2025-43962: Fixed out-of-bounds read during tag 0x412 processing in the phase_one_correct function (bsc#1241585)
- CVE-2025-43963: Fixed out-of-buffer access during phase_one_correct in decoders/load_mfbacks.cpp (bsc#1241642)
- CVE-2025-43964: Fixed tag 0x412 processing in phase_one_correct not enforcing minimum w0 and w1 values (bsc#1241584)
Package list
SUSE Linux Enterprise Module for Desktop Applications 15 SP7
libraw23-0.21.1-150600.3.5.1
SUSE Linux Enterprise Module for Package Hub 15 SP7
libraw-devel-0.21.1-150600.3.5.1
libraw-devel-static-0.21.1-150600.3.5.1
libraw-tools-0.21.1-150600.3.5.1
SUSE Linux Enterprise Workstation Extension 15 SP7
libraw-devel-0.21.1-150600.3.5.1
References
- Link for SUSE-SU-2025:01572-1
- E-Mail link for SUSE-SU-2025:01572-1
- SUSE Security Ratings
- SUSE Bug 1241584
- SUSE Bug 1241585
- SUSE Bug 1241642
- SUSE Bug 1241643
- SUSE CVE CVE-2025-43961 page
- SUSE CVE CVE-2025-43962 page
- SUSE CVE CVE-2025-43963 page
- SUSE CVE CVE-2025-43964 page
Description
In LibRaw before 0.21.4, metadata/tiff.cpp has an out-of-bounds read in the Fujifilm 0xf00c tag parser.
Affected products
SUSE Linux Enterprise Module for Desktop Applications 15 SP7:libraw23-0.21.1-150600.3.5.1
SUSE Linux Enterprise Module for Package Hub 15 SP7:libraw-devel-0.21.1-150600.3.5.1
SUSE Linux Enterprise Module for Package Hub 15 SP7:libraw-devel-static-0.21.1-150600.3.5.1
SUSE Linux Enterprise Module for Package Hub 15 SP7:libraw-tools-0.21.1-150600.3.5.1
References
- CVE-2025-43961
- SUSE Bug 1241643
Description
In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp has out-of-bounds reads for tag 0x412 processing, related to large w0 or w1 values or the frac and mult calculations.
Affected products
SUSE Linux Enterprise Module for Desktop Applications 15 SP7:libraw23-0.21.1-150600.3.5.1
SUSE Linux Enterprise Module for Package Hub 15 SP7:libraw-devel-0.21.1-150600.3.5.1
SUSE Linux Enterprise Module for Package Hub 15 SP7:libraw-devel-static-0.21.1-150600.3.5.1
SUSE Linux Enterprise Module for Package Hub 15 SP7:libraw-tools-0.21.1-150600.3.5.1
References
- CVE-2025-43962
- SUSE Bug 1241585
Description
In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp allows out-of-buffer access because split_col and split_row values are not checked in 0x041f tag processing.
Affected products
SUSE Linux Enterprise Module for Desktop Applications 15 SP7:libraw23-0.21.1-150600.3.5.1
SUSE Linux Enterprise Module for Package Hub 15 SP7:libraw-devel-0.21.1-150600.3.5.1
SUSE Linux Enterprise Module for Package Hub 15 SP7:libraw-devel-static-0.21.1-150600.3.5.1
SUSE Linux Enterprise Module for Package Hub 15 SP7:libraw-tools-0.21.1-150600.3.5.1
References
- CVE-2025-43963
- SUSE Bug 1241642
Description
In LibRaw before 0.21.4, tag 0x412 processing in phase_one_correct in decoders/load_mfbacks.cpp does not enforce minimum w0 and w1 values.
Affected products
SUSE Linux Enterprise Module for Desktop Applications 15 SP7:libraw23-0.21.1-150600.3.5.1
SUSE Linux Enterprise Module for Package Hub 15 SP7:libraw-devel-0.21.1-150600.3.5.1
SUSE Linux Enterprise Module for Package Hub 15 SP7:libraw-devel-static-0.21.1-150600.3.5.1
SUSE Linux Enterprise Module for Package Hub 15 SP7:libraw-tools-0.21.1-150600.3.5.1
References
- CVE-2025-43964
- SUSE Bug 1241584