1805 matches found
Fedora 31 : LibRaw (2020-f407db0e65)
Backported patch for CVE-2020-15503 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable...
[SECURITY] Fedora 31 Update: LibRaw-0.19.5-3.fc31
LibRaw is a library for reading RAW files obtained from digital photo cameras CRW/CR2, NEF, RAF, DNG, and others. LibRaw is based on the source codes of the dcraw utility, where part of drawbacks have already been eliminated and part will be fixed in future...
Fedora: Security Advisory for LibRaw (FEDORA-2020-f421eea477)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 32 Update: LibRaw-0.19.5-3.fc32
LibRaw is a library for reading RAW files obtained from digital photo cameras CRW/CR2, NEF, RAF, DNG, and others. LibRaw is based on the source codes of the dcraw utility, where part of drawbacks have already been eliminated and part will be fixed in future...
Fedora 32 : LibRaw (2020-f421eea477)
Backported patch for CVE-2020-15503 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable...
libraw:libraw_cr2_fuzzer: Use-of-uninitialized-value in LibRaw::init_fuji_block
Detailed Report: https://oss-fuzz.com/testcase?key=4762894621999104 Project: libraw Fuzzing Engine: libFuzzer Fuzz Target: librawcr2fuzzer Job Type: libfuzzermsanlibraw Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: LibRaw::initfujiblock...
libraw:libraw_cr2_fuzzer: Index-out-of-bounds in DHT::get_hv_rbg
Detailed Report: https://oss-fuzz.com/testcase?key=5647329419067392 Project: libraw Fuzzing Engine: libFuzzer Fuzz Target: librawcr2fuzzer Job Type: libfuzzerubsanlibraw Platform Id: linux Crash Type: Index-out-of-bounds Crash Address: Crash State: DHT::gethvrbg DHT::makehvdline DHT::makehvdirs...
LibRaw Input Validation Error Vulnerability
LibRaw is a C++ library from the LibRaw team for processing RAW CRW/CR2, NEF, RAF, DNG, andothers format images. An input validation error vulnerability exists in versions prior to LibRaw 0.20-RC1, which stems from the program failing to check the size of thumbnails. A remote attacker could explo...
CVE-2020-15503
LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpackthumb.cpp, postprocessing/memimage.cpp, and utils/thumbutils.cpp. For example, mallocsizeoflibrawprocessedimaget+T.tlength occurs without validating T.tlength...
CVE-2020-15503
LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpackthumb.cpp, postprocessing/memimage.cpp, and utils/thumbutils.cpp. For example, mallocsizeoflibrawprocessedimaget+T.tlength occurs without validating T.tlength...
DEBIAN-CVE-2020-15503
LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpackthumb.cpp, postprocessing/memimage.cpp, and utils/thumbutils.cpp. For example, mallocsizeoflibrawprocessedimaget+T.tlength occurs without validating T.tlength...
CVE-2020-15503
LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpackthumb.cpp, postprocessing/memimage.cpp, and utils/thumbutils.cpp. For example, mallocsizeoflibrawprocessedimaget+T.tlength occurs without validating T.tlength...
AZL-44688 CVE-2020-15503 affecting package LibRaw for versions less than 0.19.5-5
LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpackthumb.cpp, postprocessing/memimage.cpp, and utils/thumbutils.cpp. For example, mallocsizeoflibrawprocessedimaget+T.tlength occurs without validating T.tlength...
Code injection
LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpackthumb.cpp, postprocessing/memimage.cpp, and utils/thumbutils.cpp. For example, mallocsizeoflibrawprocessedimaget+T.tlength occurs without validating T.tlength...
UBUNTU-CVE-2020-15503
LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpackthumb.cpp, postprocessing/memimage.cpp, and utils/thumbutils.cpp. For example, mallocsizeoflibrawprocessedimaget+T.tlength occurs without validating T.tlength...
CVE-2020-15503
CVE-2020-15503 affects LibRaw up to version 0.20-RC1. The vulnerability arises from missing thumbnail size range checks in decoders/unpack_thumb.cpp, postprocessing/mem_image.cpp, and utils/thumb_utils.cpp, enabling potential memory overflow (malloc(sizeof(libraw_processed_image_t)+T.tlength) wit...
CVE-2020-15503
LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpackthumb.cpp, postprocessing/memimage.cpp, and utils/thumbutils.cpp. For example, mallocsizeoflibrawprocessedimaget+T.tlength occurs without validating T.tlength...
CVE-2020-15503
LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpackthumb.cpp, postprocessing/memimage.cpp, and utils/thumbutils.cpp. For example, mallocsizeoflibrawprocessedimaget+T.tlength occurs without validating T.tlength...
CVE-2020-15503
LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpackthumb.cpp, postprocessing/memimage.cpp, and utils/thumbutils.cpp. For example, mallocsizeoflibrawprocessedimaget+T.tlength occurs without validating T.tlength...
libraw:libraw_raf_fuzzer: Index-out-of-bounds in DHT::hide_hots
Detailed Report: https://oss-fuzz.com/testcase?key=6229491834945536 Project: libraw Fuzzing Engine: libFuzzer Fuzz Target: librawraffuzzer Job Type: libfuzzerubsanlibraw Platform Id: linux Crash Type: Index-out-of-bounds Crash Address: Crash State: DHT::hidehots LibRaw::dhtinterpolate...