[arch-security] [ASA-201709-18] libraw: multiple issues
Levente Polyak
anthraxx at archlinux.org
Mon Sep 25 19:54:35 UTC 2017
Arch Linux Security Advisory ASA-201709-18
==========================================
Severity: High
Date : 2017-09-22
CVE-ID : CVE-2017-13735 CVE-2017-14265
Package : libraw
Type : multiple issues
Remote : No
Link : https://security.archlinux.org/AVG-410
Summary
=======
The package libraw before version 0.18.5-1 is vulnerable to multiple
issues including arbitrary code execution and denial of service.
Resolution
==========
Upgrade to 0.18.5-1.
# pacman -Syu "libraw>=0.18.5-1"
The problems have been fixed upstream in version 0.18.5.
Workaround
==========
None.
Description
===========
- CVE-2017-13735 (denial of service)
There is a floating point exception in the kodak_radc_load_raw function
in dcraw_common.cpp in LibRaw 0.18.2 leading to denial of service.
- CVE-2017-14265 (arbitrary code execution)
A stack-based buffer overflow was discovered in xtrans_interpolate in
internal/dcraw_common.cpp in LibRaw before 0.18.3 leading to denial of
service or arbitrary code execution.
Impact
======
An attacker is able to crash the application or execute arbitrary code
by tricking the user into opening or processing a specially crafted
image file.
References
==========
https://github.com/LibRaw/LibRaw/issues/96
https://bugzilla.redhat.com/show_bug.cgi?id=1483988
https://github.com/LibRaw/LibRaw/issues/99
https://security.archlinux.org/CVE-2017-13735
https://security.archlinux.org/CVE-2017-14265
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 866 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/arch-security/attachments/20170925/377a136f/attachment.asc>
More information about the arch-security
mailing list