CVE-2026-20911 — Incorrect Calculation of Buffer Size in Libraw
CWE-131 — Incorrect Calculation of Buffer SizeCWE-120 — Classic Buffer Overflow16 documents8 sources
Severity
9.8CRITICALNVD
EPSS
0.1%
top 83.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedApr 7
Latest updateApr 16
Description
A heap-based buffer overflow vulnerability exists in the HuffTable::initval functionality of LibRaw Commit 0b56545 and Commit d20315b. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9
Affected Packages3 packages
🔴Vulnerability Details
2GHSA▶
GHSA-rc49-6x7v-hf76: A heap-based buffer overflow vulnerability exists in the HuffTable::initval functionality of LibRaw Commit 0b56545 and Commit d20315b↗2026-04-07
OSV▶
CVE-2026-20911: A heap-based buffer overflow vulnerability exists in the HuffTable::initval functionality of LibRaw Commit 0b56545 and Commit d20315b↗2026-04-07
📋Vendor Advisories
2🕵️Threat Intelligence
2💬Community
9Bugzilla▶
CVE-2026-20911 digikam: LibRaw: Arbitrary Code Execution via specially crafted file [fedora-all]↗2026-04-07
Bugzilla▶
CVE-2026-20911 libraw1394: LibRaw: Arbitrary Code Execution via specially crafted file [fedora-all]↗2026-04-07
Bugzilla▶
CVE-2026-20911 darktable: LibRaw: Arbitrary Code Execution via specially crafted file [fedora-all]↗2026-04-07
Bugzilla
▶
Bugzilla▶
CVE-2026-20911 digikam: LibRaw: Arbitrary Code Execution via specially crafted file [epel-all]↗2026-04-07