Jump to:

CVE-2017-14608

Jump to:

CVE-2017-14608

Package libraw updated to version 0.18.5-alt1 for branch sisyphus in task 189197.

Published: 2017-09-20
Modified: 2025-04-20

CVE-2017-14608

In LibRaw through 0.18.4, an out of bounds read flaw related to kodak_65000_load_raw has been reported in dcraw/dcraw.c and internal/dcraw_common.cpp. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash.

Severity: MEDIUM (6.4) Vector: AV:N/AC:L/Au:N/C:P/I:N/A:P

Severity: CRITICAL (9.1) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

References:

https://github.com/LibRaw/LibRaw/commit/d13e8f6d1e987b7491182040a188c16a395f1d21
https://github.com/LibRaw/LibRaw/issues/101
https://github.com/LibRaw/LibRaw/commit/d13e8f6d1e987b7491182040a188c16a395f1d21
https://github.com/LibRaw/LibRaw/issues/101

Version: 2.1.2

Package libraw update in sisyphus on 2017-09-28

ALT-PU-2017-2341-1

Closed vulnerabilities

CVE-2017-14608