Unrated severityNVD Advisory· Published Jun 2, 2021· Updated Aug 4, 2024
CVE-2020-24870
CVE-2020-24870
Description
Libraw before 0.20.1 has a stack buffer overflow via LibRaw::identify_process_dng_fields in identify.cpp.
Affected products
58- Libraw/Librawdescription
- osv-coords57 versionspkg:rpm/almalinux/accountsservicepkg:rpm/almalinux/accountsservice-develpkg:rpm/almalinux/accountsservice-libspkg:rpm/almalinux/gdmpkg:rpm/almalinux/gnome-autoarpkg:rpm/almalinux/gnome-calculatorpkg:rpm/almalinux/gnome-classic-sessionpkg:rpm/almalinux/gnome-control-centerpkg:rpm/almalinux/gnome-control-center-filesystempkg:rpm/almalinux/gnome-online-accountspkg:rpm/almalinux/gnome-online-accounts-develpkg:rpm/almalinux/gnome-sessionpkg:rpm/almalinux/gnome-session-kiosk-sessionpkg:rpm/almalinux/gnome-session-wayland-sessionpkg:rpm/almalinux/gnome-session-xsessionpkg:rpm/almalinux/gnome-settings-daemonpkg:rpm/almalinux/gnome-shellpkg:rpm/almalinux/gnome-shell-extension-apps-menupkg:rpm/almalinux/gnome-shell-extension-auto-move-windowspkg:rpm/almalinux/gnome-shell-extension-commonpkg:rpm/almalinux/gnome-shell-extension-dash-to-dockpkg:rpm/almalinux/gnome-shell-extension-desktop-iconspkg:rpm/almalinux/gnome-shell-extension-disable-screenshieldpkg:rpm/almalinux/gnome-shell-extension-drive-menupkg:rpm/almalinux/gnome-shell-extension-gesture-inhibitorpkg:rpm/almalinux/gnome-shell-extension-horizontal-workspacespkg:rpm/almalinux/gnome-shell-extension-launch-new-instancepkg:rpm/almalinux/gnome-shell-extension-native-window-placementpkg:rpm/almalinux/gnome-shell-extension-no-hot-cornerpkg:rpm/almalinux/gnome-shell-extension-panel-favoritespkg:rpm/almalinux/gnome-shell-extension-places-menupkg:rpm/almalinux/gnome-shell-extension-screenshot-window-sizerpkg:rpm/almalinux/gnome-shell-extension-systemMonitorpkg:rpm/almalinux/gnome-shell-extension-top-iconspkg:rpm/almalinux/gnome-shell-extension-updates-dialogpkg:rpm/almalinux/gnome-shell-extension-user-themepkg:rpm/almalinux/gnome-shell-extension-window-grouperpkg:rpm/almalinux/gnome-shell-extension-window-listpkg:rpm/almalinux/gnome-shell-extension-windowsNavigatorpkg:rpm/almalinux/gnome-shell-extension-workspace-indicatorpkg:rpm/almalinux/gnome-softwarepkg:rpm/almalinux/gnome-software-develpkg:rpm/almalinux/gsettings-desktop-schemaspkg:rpm/almalinux/gsettings-desktop-schemas-develpkg:rpm/almalinux/gtk3pkg:rpm/almalinux/gtk3-develpkg:rpm/almalinux/gtk3-immodule-ximpkg:rpm/almalinux/gtk-update-icon-cachepkg:rpm/almalinux/LibRawpkg:rpm/almalinux/LibRaw-develpkg:rpm/almalinux/mutterpkg:rpm/almalinux/mutter-develpkg:rpm/almalinux/vinopkg:rpm/almalinux/webkit2gtk3pkg:rpm/almalinux/webkit2gtk3-develpkg:rpm/almalinux/webkit2gtk3-jscpkg:rpm/almalinux/webkit2gtk3-jsc-devel
< 0.6.55-2.el8+ 56 more
- (no CPE)range: < 0.6.55-2.el8
- (no CPE)range: < 0.6.55-2.el8
- (no CPE)range: < 0.6.55-2.el8
- (no CPE)range: < 1:40.0-15.el8
- (no CPE)range: < 0.2.3-2.el8
- (no CPE)range: < 3.28.2-2.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.28.2-28.el8
- (no CPE)range: < 3.28.2-28.el8
- (no CPE)range: < 3.28.2-3.el8
- (no CPE)range: < 3.28.2-3.el8
- (no CPE)range: < 3.28.1-13.el8
- (no CPE)range: < 3.28.1-13.el8
- (no CPE)range: < 3.28.1-13.el8
- (no CPE)range: < 3.28.1-13.el8
- (no CPE)range: < 3.32.0-16.el8.alma
- (no CPE)range: < 3.32.2-40.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.36.1-10.el8
- (no CPE)range: < 3.36.1-10.el8
- (no CPE)range: < 3.32.0-6.el8
- (no CPE)range: < 3.32.0-6.el8
- (no CPE)range: < 3.22.30-8.el8
- (no CPE)range: < 3.22.30-8.el8
- (no CPE)range: < 3.22.30-8.el8
- (no CPE)range: < 3.22.30-8.el8
- (no CPE)range: < 0.19.5-3.el8
- (no CPE)range: < 0.19.5-3.el8
- (no CPE)range: < 3.32.2-60.el8
- (no CPE)range: < 3.32.2-60.el8
- (no CPE)range: < 3.22.0-11.el8
- (no CPE)range: < 2.32.3-2.el8
- (no CPE)range: < 2.32.3-2.el8
- (no CPE)range: < 2.32.3-2.el8
- (no CPE)range: < 2.32.3-2.el8
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- security.gentoo.org/glsa/202208-07mitrevendor-advisoryx_refsource_GENTOO
- github.com/LibRaw/LibRaw/commit/4feaed4dea636cee4fee010f615881ccf76a096dmitrex_refsource_MISC
- github.com/LibRaw/LibRaw/issues/330mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.