CVE-2017-6889

Опубликовано: 15 мая 2017

Источник: ubuntu

Приоритет: medium

CVSS2: 7.5

CVSS3: 9.8

Описание

An integer overflow error within the "foveon_load_camf()" function (dcraw_foveon.c) in LibRaw-demosaic-pack-GPL2 before 0.18.2 can be exploited to cause a heap-based buffer overflow.

Релиз	Статус	Примечание
devel	not-affected
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was not-affected]
esm-infra/xenial	not-affected
precise/esm	DNE
trusty	not-affected
trusty/esm	DNE	trusty was not-affected
upstream	released	0.18.2
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
xenial	not-affected

Показывать по

Ссылки на источники

7.5 High

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

CVE-2017-6889

CVSS3: 9.8

nvd

больше 8 лет назад

An integer overflow error within the "foveon_load_camf()" function (dcraw_foveon.c) in LibRaw-demosaic-pack-GPL2 before 0.18.2 can be exploited to cause a heap-based buffer overflow.

GHSA-hh27-7rq7-g8w3

CVSS3: 9.8

github

больше 3 лет назад

An integer overflow error within the "foveon_load_camf()" function (dcraw_foveon.c) in LibRaw-demosaic-pack-GPL2 before 0.18.2 can be exploited to cause a heap-based buffer overflow.

openSUSE-SU-2017:1460-1

suse-cvrf

больше 8 лет назад

Security update for libraw

SUSE-SU-2017:2300-1

suse-cvrf

больше 8 лет назад

Security update for libraw

7.5 High

CVSS2

9.8 Critical

CVSS3

CVE-2017-6889

Описание

Пакет libraw

Ссылки на источники

Связанные уязвимости