DLA 2903-1: libraw security update

Debian 9911 Published by

A libraw security update has been released for Debian GNU/Linux 9 LTS to address several vulnerabilities.



DLA 2903-1: libraw security update



- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2903-1 debian-lts@lists.debian.org
  https://www.debian.org/lts/security/ Abhijith PA
January 29, 2022   https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package : libraw
Version : 0.17.2-6+deb9u2
CVE ID : CVE-2017-13735 CVE-2017-14265 CVE-2017-14348
CVE-2017-14608 CVE-2017-16909 CVE-2017-16910
CVE-2018-5800 CVE-2018-5801 CVE-2018-5802
CVE-2018-5804 CVE-2018-5805 CVE-2018-5806
CVE-2018-5807 CVE-2018-5808 CVE-2018-5810
CVE-2018-5811 CVE-2018-5812 CVE-2018-5813
CVE-2018-5815 CVE-2018-5817 CVE-2018-5818
CVE-2018-5819 CVE-2018-20363 CVE-2018-20364
CVE-2018-20365

Several vulnerabilities have been discovered in libraw that
may lead to the execution of arbitrary code, denial of service, or
information leaks.

CVE-2017-13735

There is a floating point exception in the kodak_radc_load_raw
function. It will lead to a remote denial of service attack.

CVE-2017-14265

A Stack-based Buffer Overflow was discovered in xtrans_interpolate
method. It could allow a remote denial of service or code
execution attack.

CVE-2017-14348

There is a heap-based Buffer Overflow in the
processCanonCameraInfo function.

CVE-2017-14608

An out of bounds read flaw related to kodak_65000_load_raw has
been reported in libraw. An attacker could possibly exploit this
flaw to disclose potentially sensitive memory or cause an
application crash.

CVE-2017-16909

An error related to the "LibRaw::panasonic_load_raw()" function
can be exploited to cause a heap-based buffer overflow and
subsequently cause a crash via a specially crafted TIFF image.
xtrans_interpolate method. It could allow a remote denial of
service or code execution attack.

CVE-2017-16910

An error within the "LibRaw::xtrans_interpolate()" function can be
exploited to cause an invalid read memory access and subsequently
a Denial of Service condition.

CVE-2018-5800

An off-by-one error within the "LibRaw::kodak_ycbcr_load_raw()"
function can be exploited to cause a heap-based buffer overflow
and subsequently cause a crash.

CVE-2018-5801

An error within the "LibRaw::unpack()" function can be exploited
to trigger a NULL pointer dereference.

CVE-2018-5802

An error within the "kodak_radc_load_raw()" function can be
exploited to cause an out-of-bounds read memory access and
subsequently cause a crash.

CVE-2018-5804

A type confusion error within the "identify()" function can be
exploited to trigger a division by zero.

CVE-2018-5805

A boundary error within the "quicktake_100_load_raw()" function
can be exploited to cause a stack-based buffer overflow and
subsequently cause a crash.

CVE-2018-5806

An error within the "leaf_hdr_load_raw()" function
can be exploited to trigger a NULL pointer dereference.

CVE-2018-5807

An error within the "samsung_load_raw()" function
can be exploited to cause an out-of-bounds read memory access and
subsequently cause a crash.

CVE-2018-5808

An error within the "find_green()" function can be exploited to
cause a stack-based buffer overflow and subsequently execute
arbitrary code.

CVE-2018-5810

An error within the "rollei_load_raw()" function can be exploited
to cause a heap-based buffer overflow and subsequently cause a
crash.

CVE-2018-5811

An error within the "nikon_coolscan_load_raw()" function
can be exploited to cause an out-of-bounds read memory access and
subsequently cause a crash.

CVE-2018-5812

An error within the "nikon_coolscan_load_raw()" function can be
exploited to trigger a NULL pointer dereference.

CVE-2018-5813

An error within the "parse_minolta()" function can be exploited to
trigger an infinite loop via a specially crafted file.

CVE-2018-5815

An integer overflow error within the "parse_qt()" function can be
exploited to trigger an infinite loop via a specially crafted
Apple QuickTime file.

CVE-2018-5817

A type confusion error within the "unpacked_load_raw()" function
can be exploited to trigger an infinite loop.

CVE-2018-5818

An error within the "parse_rollei()" function can be exploited to
trigger an infinite loop.

CVE-2018-5819

An error within the "parse_sinar_ia()" function can be exploited to exhaust available CPU resources.

CVE-2018-20363

LibRaw::raw2image has a NULL pointer dereference.

CVE-2018-20364

LibRaw::copy_bayer has a NULL pointer dereference

CVE-2018-20365

LibRaw::raw2image() has a heap-based buffer overflow.

For Debian 9 stretch, these problems have been fixed in version
0.17.2-6+deb9u2.

We recommend that you upgrade your libraw packages.

For the detailed security status of libraw please refer to
its security tracker page at:
  https://security-tracker.debian.org/tracker/libraw

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at:   https://wiki.debian.org/LTS

ALSA-2022:0307 Moderate: java-1.8.0-openjdk security and bug fix update

Install Bpytop as an alternative to Top and Htop- System Monitor

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.orgĀ  I ...