Lucene search
Ubuntu.comUB:CVE-2021-32142HistoryFeb 17, 2023 - 12:00 a.m.
CVE-2021-32142
2023-02-1700:00:00
ubuntu.com
ubuntu.com
14
buffer overflow
libraw
privilege escalation
datastream
ubuntu
denial of service
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
34.6%
Buffer Overflow vulnerability in LibRaw linux/unix v0.20.0 allows attacker
to escalate privileges via the LibRaw_buffer_datastream::gets(char*, int)
in /src/libraw/src/libraw_datastream.cpp.
Bugs
Notes
| Author | Note |
|---|---|
| mdeslaur | This is a stack overflow and is limited to a denial of service on Ubuntu because of compiler hardening features. |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 18.04 | noarch | darktable | < any | UNKNOWN |
| ubuntu | 20.04 | noarch | darktable | < any | UNKNOWN |
| ubuntu | 22.04 | noarch | darktable | < any | UNKNOWN |
| ubuntu | 23.10 | noarch | darktable | < any | UNKNOWN |
| ubuntu | 24.04 | noarch | darktable | < any | UNKNOWN |
| ubuntu | 16.04 | noarch | darktable | < any | UNKNOWN |
| ubuntu | 18.04 | noarch | dcraw | < any | UNKNOWN |
| ubuntu | 20.04 | noarch | dcraw | < any | UNKNOWN |
| ubuntu | 22.04 | noarch | dcraw | < any | UNKNOWN |
| ubuntu | 23.10 | noarch | dcraw | < any | UNKNOWN |
Related
debiancve
debiancve
CVE-2021-32142
2023-02-17 18:15:10
nessus
nessus
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libraw (SUSE-SU-2023:0511-1)
2023-02-25 00:00:00
RHEL 9 : LibRaw (RHSA-2023:6343)
2023-11-07 00:00:00
CentOS 9 : LibRaw-0.20.2-6.el9
2024-02-29 00:00:00
mageia
mageia
Updated libraw packages fix security vulnerability
2023-03-02 00:14:31
osv
osv
CVE-2021-32142
2023-02-17 18:15:10
Moderate: LibRaw security update
2024-05-22 00:00:00
Moderate: LibRaw security update
2023-11-07 00:00:00
redhat
redhat
(RHSA-2024:2994) Moderate: LibRaw security update
2024-05-22 06:35:18
(RHSA-2023:6343) Moderate: LibRaw security update
2023-11-07 06:02:19
(RHSA-2024:0343) Moderate: LibRaw security update
2024-01-23 15:58:21
openvas
openvas
Fedora: Security Advisory for mingw-LibRaw (FEDORA-2023-be842ba7fb)
2023-03-17 00:00:00
CentOS: Security Advisory for LibRaw (CESA-2024:0343)
2024-03-05 00:00:00
Mageia: Security Advisory (MGASA-2023-0082)
2023-03-28 00:00:00
cvelist
cvelist
CVE-2021-32142
2023-02-17 00:00:00
almalinux
almalinux
Moderate: LibRaw security update
2024-05-22 00:00:00
Moderate: LibRaw security update
2023-11-07 00:00:00
oraclelinux
oraclelinux
LibRaw security update
2024-01-23 00:00:00
LibRaw security update
2024-05-24 00:00:00
LibRaw security update
2023-11-11 00:00:00
rocky
rocky
LibRaw security update
2024-06-14 13:59:30
cve
cve
CVE-2021-32142
2023-02-17 18:15:10
redhatcve
redhatcve
CVE-2021-32142
2023-02-21 07:59:22
rosalinux
rosalinux
Advisory ROSA-SA-2024-2350
2024-02-20 09:19:52
nvd
nvd
CVE-2021-32142
2023-02-17 18:15:10
fedora
fedora
[SECURITY] Fedora 37 Update: mingw-LibRaw-0.20.2-8.fc37
2023-03-16 18:34:07
[SECURITY] Fedora 36 Update: mingw-LibRaw-0.20.2-8.fc36
2023-03-16 18:20:11
veracode
veracode
Buffer Overflow
2023-02-23 18:20:03
prion
prion
Buffer overflow
2023-02-17 18:15:00
centos
centos
LibRaw security update
2024-01-26 18:08:08
debian
debian
[SECURITY] [DSA 5412-1] libraw security update
2023-05-27 19:44:25
[SECURITY] [DLA 3433-1] libraw security update
2023-05-27 01:56:36
ubuntu
ubuntu
LibRaw vulnerabilities
2023-06-05 00:00:00
slackware
slackware
[slackware-security] LibRaw
2023-10-22 19:39:04
amazon
amazon
Medium: LibRaw
2023-09-13 23:44:00
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
34.6%
Related for UB:CVE-2021-32142