VYPR

rpm package

suse/libraw&distro=SUSE Linux Enterprise Software Development Kit 12 SP3

pkg:rpm/suse/libraw&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3

Vulnerabilities (24)

  • CVE-2015-8367Jan 14, 2020
    affected < 0.15.4-9.2fixed 0.15.4-9.2

    The phase_one_correct function in Libraw before 0.17.1 allows attackers to cause memory errors and possibly execute arbitrary code, related to memory object initialization.

  • CVE-2018-5819Feb 20, 2019
    affected < 0.15.4-30.1fixed 0.15.4-30.1

    An error within the "parse_sinar_ia()" function (internal/dcraw_common.cpp) within LibRaw versions prior to 0.19.1 can be exploited to exhaust available CPU resources.

  • CVE-2018-5818Feb 20, 2019
    affected < 0.15.4-30.1fixed 0.15.4-30.1

    An error within the "parse_rollei()" function (internal/dcraw_common.cpp) within LibRaw versions prior to 0.19.1 can be exploited to trigger an infinite loop.

  • CVE-2018-5817Feb 20, 2019
    affected < 0.15.4-30.1fixed 0.15.4-30.1

    A type confusion error within the "unpacked_load_raw()" function within LibRaw versions prior to 0.19.1 (internal/dcraw_common.cpp) can be exploited to trigger an infinite loop.

  • CVE-2018-20365Dec 22, 2018
    affected < 0.15.4-30.1fixed 0.15.4-30.1

    LibRaw::raw2image() in libraw_cxx.cpp has a heap-based buffer overflow.

  • CVE-2018-20364Dec 22, 2018
    affected < 0.15.4-30.1fixed 0.15.4-30.1

    LibRaw::copy_bayer in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer dereference.

  • CVE-2018-20363Dec 22, 2018
    affected < 0.15.4-30.1fixed 0.15.4-30.1

    LibRaw::raw2image in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer dereference.

  • CVE-2018-5813Dec 7, 2018
    affected < 0.15.4-21.1fixed 0.15.4-21.1

    An error within the "parse_minolta()" function (dcraw/dcraw.c) in LibRaw versions prior to 0.18.11 can be exploited to trigger an infinite loop via a specially crafted file.

  • CVE-2018-5810Dec 7, 2018
    affected < 0.15.4-21.1fixed 0.15.4-21.1

    An error within the "rollei_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash.

  • CVE-2018-5808Dec 7, 2018
    affected < 0.15.4-27.1fixed 0.15.4-27.1

    An error within the "find_green()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a stack-based buffer overflow and subsequently execute arbitrary code.

  • CVE-2018-5806Dec 7, 2018
    affected < 0.15.4-27.1fixed 0.15.4-27.1

    An error within the "leaf_hdr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a NULL pointer dereference.

  • CVE-2018-5805Dec 7, 2018
    affected < 0.15.4-27.1fixed 0.15.4-27.1

    A boundary error within the "quicktake_100_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to cause a stack-based buffer overflow and subsequently cause a crash.

  • CVE-2018-5802Dec 7, 2018
    affected < 0.15.4-21.1fixed 0.15.4-21.1

    An error within the "kodak_radc_load_raw()" function (internal/dcraw_common.cpp) related to the "buf" variable in LibRaw versions prior to 0.18.7 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.

  • CVE-2018-5801Dec 7, 2018
    affected < 0.15.4-21.1fixed 0.15.4-21.1

    An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) in LibRaw versions prior to 0.18.7 can be exploited to trigger a NULL pointer dereference.

  • CVE-2018-5800Dec 7, 2018
    affected < 0.15.4-21.1fixed 0.15.4-21.1

    An off-by-one error within the "LibRaw::kodak_ycbcr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.7 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash.

  • CVE-2017-16909Dec 7, 2018
    affected < 0.15.4-16.1fixed 0.15.4-16.1

    An error related to the "LibRaw::panasonic_load_raw()" function (dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash via a specially crafted TIFF image.

  • CVE-2017-14608CriSep 20, 2017
    affected < 0.15.4-16.1fixed 0.15.4-16.1

    In LibRaw through 0.18.4, an out of bounds read flaw related to kodak_65000_load_raw has been reported in dcraw/dcraw.c and internal/dcraw_common.cpp. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash.

  • CVE-2017-13735HigAug 29, 2017
    affected < 0.15.4-16.1fixed 0.15.4-16.1

    There is a floating point exception in the kodak_radc_load_raw function in dcraw_common.cpp in LibRaw 0.18.2. It will lead to a remote denial of service attack.

  • CVE-2017-6899MedJun 16, 2017
    affected < 0.15.4-9.2fixed 0.15.4-9.2

    The msm_bus_dbg_update_request_write function in drivers/platform/msm/msm_bus/msm_bus_dbg.c in android_kernel_huawei_msm8916 through 2017-06-16 in LineageOS, and possibly other kernels for MSM devices, allows attackers to cause a denial of service (NULL pointer dereference and de

  • CVE-2017-6887HigMay 16, 2017
    affected < 0.15.4-9.2fixed 0.15.4-9.2

    A boundary error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to cause a memory corruption via e.g. a specially crafted KDC file with model set to "DSLR-A100" and containing multiple sequences of 0x100 and 0x

Page 1 of 2