CVE-2018-5817

Related Files

Ubuntu Security Notice USN-3989-1

Posted May 21, 2019

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3989-1 - It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, a remote attacker could cause applications linked against LibRaw to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary

systems | linux, ubuntu

advisories | CVE-2018-20337, CVE-2018-5817

SHA-256 | f48db585c7142fafe34c9d53c8235891a172ee735429b190c47490cd53eb7fbc

Download | Favorite | View

LibRaw 0.19.0 Denial Of Service

Posted Dec 18, 2018

Authored by Laurent Delosieres | Site secunia.com

Secunia Research has discovered multiple vulnerabilities in LibRaw, which can be exploited by malicious people to cause a DoS (Denial of Service). A type confusion error within the "unpacked_load_raw()" function (internal/dcraw_common.cpp) can be exploited to trigger an infinite loop. An error within the "parse_rollei()" function (internal/dcraw_common.cpp) can be exploited to trigger an infinite loop. An error within the "parse_sinar_ia()" function (internal/dcraw_common.cpp) can be exploited to exhaust available CPU resources. The vulnerabilities are confirmed in version 0.19.0 and reported in versions prior to 0.19.1.

tags | advisory, denial of service, vulnerability

advisories | CVE-2018-5817, CVE-2018-5818, CVE-2018-5819

SHA-256 | 3db5c91bb6c24888166cacb845b1ca20edac2ec4797287c3534c7c75400e4192

Download | Favorite | View