CVE-2026-10722 cilium ebpf LoadCollectionSpec/LoadCollectionSpecFromReader btf.go loadRawSpec integer overflow

A vulnerability has been found in cilium ebpf up to 0.21.0. This affects the function loadRawSpec of the file btf/btf.go of the component LoadCollectionSpec/LoadCollectionSpecFromReader. Such manipulation of the argument offset leads to integer overflow. The attack can only be performed from a...

LibRaw: LibRaw: Arbitrary code execution via heap-based buffer overflow in lossless JPEG loading

A flaw was found in LibRaw. A heap-based buffer overflow vulnerability exists in the losslessjpegloadraw functionality. A remote attacker can exploit this by providing a specially crafted malicious file. This can lead to arbitrary code execution, allowing the attacker to take control of the...

LibRaw: LibRaw: Arbitrary code execution via a specially crafted malicious file

A flaw was found in LibRaw. A remote attacker could exploit an integer overflow vulnerability by providing a specially crafted malicious file. This flaw, located in the uncompressedfpdngloadraw functionality, leads to a heap buffer overflow. Successful exploitation may result in arbitrary code...

LibRaw: LibRaw: Arbitrary code execution via heap-based buffer overflow in lossless JPEG loading

A flaw was found in LibRaw. A heap-based buffer overflow vulnerability exists in the losslessjpegloadraw functionality. A remote attacker can exploit this by providing a specially crafted malicious file. This can lead to arbitrary code execution, allowing the attacker to take control of the...

SUSE SLED15 / SLES15 Security Update : libraw (SUSE-SU-2026:1555-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1555-1 advisory. - CVE-2026-5342: out-of-bounds read via LibRaw::nikonloadpaddedpackedraw bsc1261499. - CVE-2026-20884: integer...

SUSE-SU-2026:1556-1 Security update for libraw

This update for libraw fixes the following issues: - CVE-2026-5342: out-of-bounds read via LibRaw::nikonloadpaddedpackedraw bsc1261499. - CVE-2026-20884: integer overflow and heap buffer overflow via deflatedngloadraw bsc1261671. - CVE-2026-20889: heap-based buffer overflow in...

Security update for libraw

This update for libraw fixes the following issues: CVE-2026-20911: heap-based buffer overflow in HuffTable::initvalbsc1261673. CVE-2026-21413: heap-based buffer overflow in losslessjpegloadraw bsc1261674. CVE-2026-24660: heap-based buffer overflow in x3floadhuffman bsc1261676. Patch Instructions:...

SUSE CVE-2026-21413

A heap-based buffer overflow vulnerability exists in the losslessjpegloadraw functionality of LibRaw Commit 0b56545 and Commit d20315b. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the uncompressedfpdngloadraw function. An attacker can execute arbitrary code or cause a denial of service by supplying a specially crafted malicious file. Remediation Upgrade libraw to version 0.22.1 o...

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index in the losslessjpegloadraw function. An attacker can execute arbitrary code or cause a denial of service by supplying a specially crafted file. Remediation Upgrade libraw to version 0.22.1 or higher...

EUVD-2026-19626

An integer overflow vulnerability exists in the uncompressedfpdngloadraw functionality of LibRaw Commit 8dc68e2. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...

EUVD-2026-19618

An integer overflow vulnerability exists in the deflatedngloadraw functionality of LibRaw Commit 8dc68e2. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...

EUVD-2026-19624

A heap-based buffer overflow vulnerability exists in the losslessjpegloadraw functionality of LibRaw Commit 0b56545 and Commit d20315b. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2026-21413

A heap-based buffer overflow vulnerability exists in the losslessjpegloadraw functionality of LibRaw Commit 0b56545 and Commit d20315b. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...

UBUNTU-CVE-2026-20884

An integer overflow vulnerability exists in the deflatedngloadraw functionality of LibRaw Commit 8dc68e2. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2026-21413

LibRaw contains a heap-based buffer overflow in the lossless_jpeg_load_raw function for commits 0b56545 and d20315b. A specially crafted malicious file can trigger the overflow, leading to a potentially severe impact as reflected by CVSSv3.1: Base score 9.8 (CRITICAL), with network attack vector,...

CVE-2026-21413

A heap-based buffer overflow vulnerability exists in the losslessjpegloadraw functionality of LibRaw Commit 0b56545 and Commit d20315b. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2026-20884

CVE-2026-20884 affects LibRaw’s deflate_dng_load_raw, where an integer overflow can lead to a heap buffer overflow when processing a crafted file. The vulnerability, tied to Commit 8dc68e2, can be triggered by supplying a malicious file, with the CVSS 3.1 base score of 8.1 (HIGH) and impact to co...

CVE-2026-20884

An integer overflow vulnerability exists in the deflatedngloadraw functionality of LibRaw Commit 8dc68e2. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...

Libraw 安全漏洞

Libraw is a C++ library developed by Libraw Inc. that processes RAW CRW/CR2, NEF, RAF, DNG, and other formats images. It supports various operating systems. LibRaw has a security vulnerability, which stems from an integer overflow in the uncompressedfpdngloadraw function, potentially leading to a...