vulnerability
Oracle Linux: CVE-2018-5802: ELSA-2018-3065: libkdcraw security update (MODERATE)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | Jan 30, 2018 | Nov 6, 2018 | Dec 3, 2025 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Jan 30, 2018
Added
Nov 6, 2018
Modified
Dec 3, 2025
Description
An error within the "kodak_radc_load_raw()" function (internal/dcraw_common.cpp) related to the "buf" variable in LibRaw versions prior to 0.18.7 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.
An out-of-bounds read flaw was found in the way LibRaw processed images. An attacker could potentially use this flaw to crash applications using LibRaw by tricking them into processing crafted images.
An out-of-bounds read flaw was found in the way LibRaw processed images. An attacker could potentially use this flaw to crash applications using LibRaw by tricking them into processing crafted images.
Solutions
oracle-linux-upgrade-libkdcraworacle-linux-upgrade-libkdcraw-devel
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.