Unrated severityNVD Advisory· Published Dec 7, 2018· Updated Aug 5, 2024
CVE-2018-5808
CVE-2018-5808
Description
An error within the "find_green()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a stack-based buffer overflow and subsequently execute arbitrary code.
Affected products
6- osv-coords6 versionspkg:rpm/suse/libraw&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/libraw&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP4pkg:rpm/suse/libraw&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3pkg:rpm/suse/libraw&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP4pkg:rpm/suse/libraw&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP3pkg:rpm/suse/libraw&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP4
< 0.15.4-27.1+ 5 more
- (no CPE)range: < 0.15.4-27.1
- (no CPE)range: < 0.15.4-27.1
- (no CPE)range: < 0.15.4-27.1
- (no CPE)range: < 0.15.4-27.1
- (no CPE)range: < 0.15.4-27.1
- (no CPE)range: < 0.15.4-27.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- secuniaresearch.flexerasoftware.com/advisories/81800/mitrethird-party-advisoryx_refsource_SECUNIA
- github.com/LibRaw/LibRaw/blob/master/Changelog.txtmitrex_refsource_MISC
- github.com/LibRaw/LibRaw/commit/fd6330292501983ac75fe4162275794b18445bd9mitrex_refsource_MISC
- lists.debian.org/debian-lts-announce/2019/03/msg00036.htmlmitremailing-listx_refsource_MLIST
- secuniaresearch.flexerasoftware.com/secunia_research/2018-9/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.