[arch-security] [ASA-201709-18] libraw: multiple issues

Levente Polyak anthraxx at archlinux.org
Mon Sep 25 19:54:35 UTC 2017


Arch Linux Security Advisory ASA-201709-18
==========================================

Severity: High
Date    : 2017-09-22
CVE-ID  : CVE-2017-13735 CVE-2017-14265
Package : libraw
Type    : multiple issues
Remote  : No
Link    : https://security.archlinux.org/AVG-410

Summary
=======

The package libraw before version 0.18.5-1 is vulnerable to multiple
issues including arbitrary code execution and denial of service.

Resolution
==========

Upgrade to 0.18.5-1.

# pacman -Syu "libraw>=0.18.5-1"

The problems have been fixed upstream in version 0.18.5.

Workaround
==========

None.

Description
===========

- CVE-2017-13735 (denial of service)

There is a floating point exception in the kodak_radc_load_raw function
in dcraw_common.cpp in LibRaw 0.18.2 leading to denial of service.

- CVE-2017-14265 (arbitrary code execution)

A stack-based buffer overflow was discovered in xtrans_interpolate in
internal/dcraw_common.cpp in LibRaw before 0.18.3 leading to denial of
service or arbitrary code execution.

Impact
======

An attacker is able to crash the application or execute arbitrary code
by tricking the user into opening or processing a specially crafted
image file.

References
==========

https://github.com/LibRaw/LibRaw/issues/96
https://bugzilla.redhat.com/show_bug.cgi?id=1483988
https://github.com/LibRaw/LibRaw/issues/99
https://security.archlinux.org/CVE-2017-13735
https://security.archlinux.org/CVE-2017-14265

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 866 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/arch-security/attachments/20170925/377a136f/attachment.asc>


More information about the arch-security mailing list