Buffer Overflow Vulnerability in LibRaw Affects Image Processing Functions
CVE-2018-5805

8.8HIGH

Key Information:

Vendor

Libraw

Status
Libraw
Vendor
CVE Published:
7 December 2018

What is CVE-2018-5805?

A boundary error in the 'quicktake_100_load_raw()' function of LibRaw can be exploited to trigger a stack-based buffer overflow. This could potentially crash the application, leading to disruption in image processing tasks. Users of LibRaw must ensure they are running version 0.18.8 or later to mitigate this risk. For more details, refer to the changelog and related advisories.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

LibRaw Prior to 0.18.8

References

https://secuniaresearch.flexerasoftware.com/advisories/81...
third-party-advisoryx_refsource_SECUNIA
https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt
x_refsource_MISC
https://access.redhat.com/errata/RHSA-2018:3065
vendor-advisoryx_refsource_REDHAT

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.