vulnerability
Oracle Linux: CVE-2018-5805: ELSA-2018-3065: libkdcraw security update (MODERATE) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:L/AC:H/Au:N/C:C/I:C/A:C) | Mar 14, 2018 | Nov 6, 2018 | Jan 7, 2025 |
Severity
6
CVSS
(AV:L/AC:H/Au:N/C:C/I:C/A:C)
Published
Mar 14, 2018
Added
Nov 6, 2018
Modified
Jan 7, 2025
Description
A boundary error within the "quicktake_100_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to cause a stack-based buffer overflow and subsequently cause a crash.
LibRaw is vulnerable to stack-based buffer overflow in internal/dcraw_common.cpp:quicktake_100_load_raw() function when processing specially-crafted RAW data. An attacker could potentially use this flaw to cause an arbitrary code execution or denial of service.
LibRaw is vulnerable to stack-based buffer overflow in internal/dcraw_common.cpp:quicktake_100_load_raw() function when processing specially-crafted RAW data. An attacker could potentially use this flaw to cause an arbitrary code execution or denial of service.
Solutions
oracle-linux-upgrade-libkdcraworacle-linux-upgrade-libkdcraw-devel
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.