vulnerability
Oracle Linux: CVE-2018-5802: ELSA-2018-3065: libkdcraw security update (MODERATE)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | Jan 30, 2018 | Nov 6, 2018 | Dec 3, 2025 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Jan 30, 2018
Added
Nov 6, 2018
Modified
Dec 3, 2025
Description
An error within the "kodak_radc_load_raw()" function (internal/dcraw_common.cpp) related to the "buf" variable in LibRaw versions prior to 0.18.7 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.
An out-of-bounds read flaw was found in the way LibRaw processed images. An attacker could potentially use this flaw to crash applications using LibRaw by tricking them into processing crafted images.
An out-of-bounds read flaw was found in the way LibRaw processed images. An attacker could potentially use this flaw to crash applications using LibRaw by tricking them into processing crafted images.
Solutions
oracle-linux-upgrade-libkdcraworacle-linux-upgrade-libkdcraw-devel
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.