Buffer Overflow Vulnerability in LibRaw-demosaic-pack-GPL2 by LibRaw
CVE-2017-6890

9.8CRITICAL

Key Information:

Vendor: Libraw
Status: Libraw-demosaic-pack-gpl2
Vendor: CVE Published:; 15 May 2017

What is CVE-2017-6890?

A boundary error exists in the 'foveon_load_camf()' function within the LibRaw-demosaic-pack-GPL2 that can lead to a stack-based buffer overflow. This vulnerability arises during the initialization of a Huffman table before version 0.18.2. Attackers could exploit this flaw to potentially execute arbitrary code or cause a denial of service.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

LibRaw-demosaic-pack-GPL2 0.x prior to 0.18.2

References

https://secuniaresearch.flexerasoftware.com/advisories/75...

x_refsource_MISC

https://github.com/LibRaw/LibRaw-demosaic-pack-GPL2/commi...

x_refsource_CONFIRM

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 15, 2017
Vulnerability Reserved
Mar 14, 2017

JSON

Libraw

What is CVE-2017-6890?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.