Stack Buffer Overflow Vulnerability in LibRaw by LibRaw Developers
CVE-2020-24870

8.8HIGH

Key Information:

Vendor

Libraw

Status
Libraw
Vendor
CVE Published:
2 June 2021

What is CVE-2020-24870?

LibRaw versions prior to 0.20.1 are susceptible to a stack buffer overflow vulnerability within the identify_process_dng_fields function in identify.cpp. This weakness allows for potential exploitation, which could compromise application stability or lead to unauthorized access. Users of affected versions are urged to update to the latest release to mitigate risks associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://github.com/LibRaw/LibRaw/issues/330
x_refsource_MISC
https://github.com/LibRaw/LibRaw/commit/4feaed4dea636cee4...
x_refsource_MISC
https://security.gentoo.org/glsa/202208-07
vendor-advisoryx_refsource_GENTOO

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.