19 matches found
Advisory ROSA-SA-2025-2942
software: libraw 0.20.2 OS: ROSA-CHROME unaffected versions = libraw-0.20.2-5 affected versions libraw-0.20.2-5 CVE-ID: CVE-2025-43961 BDU-ID: None CVE-Crit: LOW CVE-DESC.: A vulnerability in LibRaw allows an out-of-buffer read in the Fujifilm 0xf00c tag parser. CVE-STATUS: The vulnerability has...
Fedora: Security Advisory (FEDORA-2025-b5b1634cd0)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15 / SLES15 Security Update : libraw (SUSE-SU-2025:01572-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01572-1 advisory. - CVE-2025-43961: Fixed out-of-bounds read in the Fujifilm 0xf00c tag parser in metadata/tiff.cpp bsc1241643 ...
SUSE SLED15 / SLES15 Security Update : libraw (SUSE-SU-2025:01569-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01569-1 advisory. - CVE-2025-43961: Fixed out-of-bounds read in the Fujifilm 0xf00c tag parser in metadata/tiff.cpp bsc1241643 ...
Fedora: Security Advisory (FEDORA-2025-e7dea91428)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15: libraw-devel / libraw-devel-static / libraw-tools / libraw23 / etc (SUSE-SU-2025:1572-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1572-1 advisory. - CVE-2025-43961: Fixed out-of-bounds read in the Fujifilm 0xf00c tag parser in metadata/tiff.cp...
SUSE SLED15 / SLES15 Security Update : libraw (SUSE-SU-2025:1569-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1569-1 advisory. - CVE-2025-43961: Fixed out-of-bounds read in the Fujifilm 0xf00c tag parser in metadata/tiff.cpp bsc1241643 -...
SUSE-SU-2025:1572-1 Security update for libraw
This update for libraw fixes the following issues: - CVE-2025-43961: Fixed out-of-bounds read in the Fujifilm 0xf00c tag parser in metadata/tiff.cpp bsc1241643 - CVE-2025-43962: Fixed out-of-bounds read when tag 0x412 processing in phaseonecorrect function bsc1241585 - CVE-2025-43963: Fixed...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 / 25.04 : LibRaw vulnerabilities (USN-7485-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 / 25.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7485-1 advisory. It was discovered that LibRaw could be made to read out of bounds. An attacker could...
Fedora 40 : mingw-LibRaw (2025-32a9eb17af)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-32a9eb17af advisory. Update to LibRaw 0.21.4. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
Fedora: Security Advisory (FEDORA-2025-97687e7f68)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 4142-1] libraw security update
Debian LTS Advisory DLA-4142-1 [email protected] https://www.debian.org/lts/security/ Andreas Henriksson April 29, 2025 https://wiki.debian.org/LTS Package : libraw Version : 0.20.2-1+deb11u2 CVE ID : CVE-2025-43961 CVE-2025-43962 CVE-2025-43963 CVE-2025-43964 Debian Bug : 1103781 11037...
Debian dla-4142 : libraw-bin - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4142 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4142-1 [email protected]...
SUSE SLES12 Security Update : libraw (SUSE-SU-2025:1380-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1380-1 advisory. - CVE-2025-43962: Fixed out-of-bounds read when tag 0x412 processing in phaseonecorrect function bsc1241585 - CVE-2025-43964: Fixed tag 0x412...
SUSE-SU-2025:1380-1 Security update for libraw
This update for libraw fixes the following issues: - CVE-2025-43962: Fixed out-of-bounds read when tag 0x412 processing in phaseonecorrect function bsc1241585 - CVE-2025-43964: Fixed tag 0x412 processing in phaseonecorrect does not enforce minimum w0 and w1 values bsc1241584...
CVE-2025-43964
In LibRaw before 0.21.4, tag 0x412 processing in phaseonecorrect in decoders/loadmfbacks.cpp does not enforce minimum w0 and w1 values...
CVE-2025-43964
Summary: CVE-2025-43964 affects LibRaw up to version 0.21.3, where tag 0x412 processing in phase_one_correct (decoders/load_mfbacks.cpp) does not enforce minimum w0 and w1 values, enabling out-of-bounds memory access. The connected advisory confirms the issue and notes a fix in LibRaw 0.21.4. Aff...
CVE-2025-43964
In LibRaw before 0.21.4, tag 0x412 processing in phaseonecorrect in decoders/loadmfbacks.cpp does not enforce minimum w0 and w1 values...
CVE-2025-43964
In LibRaw before 0.21.4, tag 0x412 processing in phaseonecorrect in decoders/loadmfbacks.cpp does not enforce minimum w0 and w1 values...