An off-by-one error within the “LibRaw::kodak_ycbcr_load_raw()” function
(internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.7 can be
exploited to cause a heap-based buffer overflow and subsequently cause a
crash.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | darktable | < any | UNKNOWN |
ubuntu | 20.04 | noarch | darktable | < any | UNKNOWN |
ubuntu | 22.04 | noarch | darktable | < any | UNKNOWN |
ubuntu | 23.10 | noarch | darktable | < any | UNKNOWN |
ubuntu | 24.04 | noarch | darktable | < any | UNKNOWN |
ubuntu | 16.04 | noarch | darktable | < any | UNKNOWN |
ubuntu | 18.04 | noarch | dcraw | < any | UNKNOWN |
ubuntu | 20.04 | noarch | dcraw | < any | UNKNOWN |
ubuntu | 22.04 | noarch | dcraw | < any | UNKNOWN |
ubuntu | 23.10 | noarch | dcraw | < any | UNKNOWN |