vulnerability
Oracle Linux: CVE-2018-5805: ELSA-2018-3065: libkdcraw security update (MODERATE)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | Mar 14, 2018 | Nov 6, 2018 | Dec 3, 2025 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Mar 14, 2018
Added
Nov 6, 2018
Modified
Dec 3, 2025
Description
A boundary error within the "quicktake_100_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to cause a stack-based buffer overflow and subsequently cause a crash.
LibRaw is vulnerable to stack-based buffer overflow in internal/dcraw_common.cpp:quicktake_100_load_raw() function when processing specially-crafted RAW data. An attacker could potentially use this flaw to cause an arbitrary code execution or denial of service.
LibRaw is vulnerable to stack-based buffer overflow in internal/dcraw_common.cpp:quicktake_100_load_raw() function when processing specially-crafted RAW data. An attacker could potentially use this flaw to cause an arbitrary code execution or denial of service.
Solutions
oracle-linux-upgrade-libkdcraworacle-linux-upgrade-libkdcraw-devel
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.