imagemagick/encoder_dng_fuzzer: Use-of-uninitialized-value in LibRaw::parse_fuji_compressed_header

Detailed report: https://oss-fuzz.com/testcase?key=5709982991908864 Project: imagemagick Fuzzer: libFuzzerimagemagickencoderdngfuzzer Fuzz target binary: encoderdngfuzzer Job Type: libfuzzermsanimagemagick Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State:...

freeimage/load_from_memory_fuzzer: Stack-buffer-overflow in LibRaw::parse_rollei

Detailed report: https://oss-fuzz.com/testcase?key=5156329342107648 Project: freeimage Fuzzer: libFuzzerloadfrommemoryfuzzer Fuzz target binary: loadfrommemoryfuzzer Job Type: libfuzzerasanfreeimage Platform Id: linux Crash Type: Stack-buffer-overflow READ Crash Address: 0x7fef5bbbdca0 Crash Stat...

freeimage/load_from_memory_fuzzer: Global-buffer-overflow in LibRaw::parse_makernote

Detailed report: https://oss-fuzz.com/testcase?key=5116280533680128 Project: freeimage Fuzzer: libFuzzerfreeimageloadfrommemoryfuzzer Fuzz target binary: loadfrommemoryfuzzer Job Type: libfuzzerasanfreeimage Platform Id: linux Crash Type: Global-buffer-overflow READ 4 Crash Address: 0x000000f331f...

imagemagick/rotate_fuzzer: Index-out-of-bounds in LibRaw::scale_colors_loop

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5710383731441664 Project: imagemagick Fuzzer: libFuzzerimagemagickrotatefuzzer Fuzz target binary: rotatefuzzer Job Type: libfuzzerubsanimagemagick Platform Id: linux Crash Type:...

The vulnerability of the parse_makernote function in the LibRaw image processing library allows a hacker to trigger a service failure.

The vulnerability of the parsemakernote function in the LibRaw image processing library is related to buffer overflow in memory. Exploiting this vulnerability could allow an attacker to cause a service failure...

imagemagick/ping_dng_fuzzer: Heap-buffer-overflow in LibRaw::get2

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5755410549571584 Project: imagemagick Fuzzer: libFuzzerimagemagickpingdngfuzzer Fuzz target binary: pingdngfuzzer Job Type: libfuzzerasanimagemagick Platform Id: linux Crash Type:...

The vulnerability of the LibRaw::kodak_ycbcr_load_raw function in the LibRaw image processing library, which is related to buffer overflow attacks, allows attackers to cause a service failure.

The vulnerability of the LibRaw::kodakycbcrloadraw function in the image processing library LibRaw is related to buffer overflow attacks. Exploiting this vulnerability could allow an attacker to cause a service failure...

Ubuntu 16.04 LTS / 18.04 LTS : LibRaw vulnerabilities (USN-3989-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3989-1 advisory. It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted...

Ubuntu: Security Advisory (USN-3989-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-3989-1: LibRaw vulnerabilities

It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, a remote attacker could cause applications linked against LibRaw to crash, resulting in a denial of service, or possibly execute arbitrary code...

USN-3989-1 libraw vulnerabilities

It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, a remote attacker could cause applications linked against LibRaw to crash, resulting in a denial of service, or possibly execute arbitrary code...

Fedora Update for LibRaw FEDORA-2018-801432b551

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Debian: Security Advisory (DLA-1734-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DLA-1734-1 : libraw security update

Secunia Research has discovered multiple vulnerabilities in libraw, a raw image decoder library, which can be exploited to cause a Denial of Service. The issues contain divisions by zero, out-of-bounds read memory access, heap-based buffer overflows and NULL pointer dereferences. For Debian 8...

[SECURITY] [DLA 1734-1] libraw security update

Package : libraw Version : 0.16.0-9+deb8u4 CVE ID : CVE-2018-5800 CVE-2018-5801 CVE-2018-5802 CVE-2018-5808 CVE-2018-5817 CVE-2018-5818 CVE-2018-5819 Secunia Research has discovered multiple vulnerabilities in libraw, a raw image decoder library, which can be exploited to cause a Denial of Servic...

imagemagick/ping_dng_fuzzer: Global-buffer-overflow in LibRaw::parsePentaxMakernotes

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5089660259270656 Project: imagemagick Fuzzer: libFuzzerimagemagickpingdngfuzzer Fuzz target binary: pingdngfuzzer Job Type: libfuzzerasanimagemagick Platform Id: linux Crash Type:...

imagemagick/ping_dng_fuzzer: Heap-buffer-overflow in LibRaw::sget4

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5720967739867136 Project: imagemagick Fuzzer: libFuzzerimagemagickpingdngfuzzer Fuzz target binary: pingdngfuzzer Job Type: libfuzzerasanimagemagick Platform Id: linux Crash Type:...

OPENSUSE-SU-2019:0094-1 Security update for libraw

This update for libraw fixes the following issues: Security issues fixed: - CVE-2018-20337: Fixed a stack-based buffer overflow in the parsemakernote function of dcrawcommon.cpp bsc1120519 - CVE-2018-20365: Fixed a heap-based buffer overflow in the raw2image function of librawcxx.cpp bsc1120500 -...

OPENSUSE-SU-2019:0008-1 Security update for libraw

This update for libraw fixes the following issues: The following security vulnerabilities were addressed: - CVE-2018-5813: Fixed an error within the 'parseminolta' function dcraw/dcraw.c that could be exploited to trigger an infinite loop via a specially crafted file. This could be exploited to...

Design/Logic Flaw

An error within the "parsesinaria" function internal/dcrawcommon.cpp within LibRaw versions prior to 0.19.1 can be exploited to exhaust available CPU resources...