CVE-2018-5801 — NULL Pointer Dereference in Libraw
Severity
6.5MEDIUMNVD
EPSS
1.5%
top 18.67%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedDec 7
Latest updateMay 14
Description
An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) in LibRaw versions prior to 0.18.7 can be exploited to trigger a NULL pointer dereference.
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6
Affected Packages6 packages
Also affects: Debian Linux 8.0, Ubuntu Linux 14.04, 16.04, 17.10
Patches
🔴Vulnerability Details
3📋Vendor Advisories
3💬Community
7Bugzilla▶
CVE-2018-5801 libkdcraw: LibRaw: NULL pointer dereference in LibRaw::unpack function src/libraw_cxx.cpp [fedora-all]↗2018-03-16
Bugzilla▶
CVE-2018-5801 dcraw: LibRaw: NULL pointer dereference in LibRaw::unpack function src/libraw_cxx.cpp [fedora-all]↗2018-03-16
Bugzilla▶
CVE-2018-5801 LibRaw: NULL pointer dereference in LibRaw::unpack function src/libraw_cxx.cpp [fedora-all]↗2018-03-16
Bugzilla▶
CVE-2018-5801 rawtherapee: LibRaw: NULL pointer dereference in LibRaw::unpack function src/libraw_cxx.cpp [fedora-all]↗2018-03-16
Bugzilla▶
CVE-2018-5801 mingw-LibRaw: LibRaw: NULL pointer dereference in LibRaw::unpack function src/libraw_cxx.cpp [fedora-all]↗2018-03-16