Debian Libraw vulnerabilities

65 known vulnerabilities affecting debian/libraw.

Total CVEs: 65
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 7, HIGH 19, MEDIUM 21, LOW 18

Vulnerabilities

Page 2 of 4
CVE-2020-35531 | MEDIUM | CVSS 5.5 | fixed in libraw 0.20.0-4 (bookworm) | 2020
[MEDIUM] CVE-2020-35531: libraw - In LibRaw, an out-of-bounds read vulnerability exists within the get_huffman_diff() function (libraw\src\x3f\x3f_utils_patched.cpp) when reading data from an image file.
Scope: local
bookworm: resolved (fixed in 0.20.0-4); bullseye: resolved (fixed in 0.20.0-4); forky: resolved (fixed in 0.20.0-4); sid: resolved (fixed in 0.20.0-4); trixie: resolved (fixed in 0.20.0-4)
debian
CVE-2020-35535 | MEDIUM | CVSS 5.5 | fixed in libraw 0.20.0-4 (bookworm) | 2020
[MEDIUM] CVE-2020-35535: libraw - In LibRaw, there is an out-of-bounds read vulnerability within the "LibRaw::parseSonySRF()" function (libraw\src\metadata\sony.cpp) when processing srf files.
Scope: local
bookworm: resolved (fixed in 0.20.0-4); bullseye: resolved (fixed in 0.20.0-4); forky: resolved (fixed in 0.20.0-4); sid: resolved (fixed in 0.20.0-4); trixie: resolved (fixed in 0.20.0-4)
debian
CVE-2020-35533 | MEDIUM | CVSS 5.5 | fixed in libraw 0.20.0-4 (bookworm) | 2020
[MEDIUM] CVE-2020-35533: libraw - In LibRaw, an out-of-bounds read vulnerability exists within the "LibRaw::adobe_copy_pixel()" function (libraw\src\decoders\dng.cpp) when reading data from the image file.
Scope: local
bookworm: resolved (fixed in 0.20.0-4); bullseye: resolved (fixed in 0.20.0-4); forky: resolved (fixed in 0.20.0-4); sid: resolved (fixed in 0.20.0-4); trixie: resolved (fixed in 0.20.0-
debian
CVE-2020-22628 | MEDIUM | CVSS 6.5 | fixed in libraw 0.20.0-4 (bookworm) | 2020
[MEDIUM] CVE-2020-22628: libraw - Buffer Overflow vulnerability in LibRaw::stretch() function in libraw\src\postprocessing\aspect_ratio.cpp.
Scope: local
bookworm: resolved (fixed in 0.20.0-4); bullseye: resolved (fixed in 0.20.0-4); forky: resolved (fixed in 0.20.0-4); sid: resolved (fixed in 0.20.0-4); trixie: resolved (fixed in 0.20.0-4)
debian
CVE-2020-24890 | LOW | CVSS 5.5 | 2020
[MEDIUM] CVE-2020-24890: libraw - libraw 20.0 has a null pointer dereference vulnerability in parse_tiff_ifd in src/metadata/tiff.cpp, which may result in context-dependent arbitrary code execution. Note: this vulnerability occurs only if you compile the software in a certain way.
Scope: local
bookworm: open; bullseye: open; forky: open; sid: open; trixie: open
debian
CVE-2020-15365 | LOW | CVSS 6.5 | 2020
[MEDIUM] CVE-2020-15365: libraw - LibRaw before 0.20-Beta3 has an out-of-bounds write in parse_exif() in metadata\exif_gps.cpp via an unrecognized AtomName and a zero value of tiff_nifds.
Scope: local
bookworm: resolved; bullseye: resolved; forky: resolved; sid: resolved; trixie: resolved
debian
CVE-2018-5808 | HIGH | CVSS 8.8 | fixed in libraw 0.18.11-1 (bookworm) | 2018
[HIGH] CVE-2018-5808: libraw - An error within the "find_green()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a stack-based buffer overflow and subsequently execute arbitrary code.
Scope: local
bookworm: resolved (fixed in 0.18.11-1); bullseye: resolved (fixed in 0.18.11-1); forky: resolved (fixed in 0.18.11-1); sid: resolved (fixed in 0.18.11-1); tr
debian
CVE-2018-5809 | HIGH | CVSS 8.8 | fixed in libraw 0.18.11-1 (bookworm) | 2018
[HIGH] CVE-2018-5809: libraw - An error within the "LibRaw::parse_exif()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a stack-based buffer overflow and subsequently execute arbitrary code.
Scope: local
bookworm: resolved (fixed in 0.18.11-1); bullseye: resolved (fixed in 0.18.11-1); forky: resolved (fixed in 0.18.11-1); sid: resolved (fixed in 0.18.
debian
CVE-2018-5810 | HIGH | CVSS 8.8 | fixed in libraw 0.18.11-1 (bookworm) | 2018
[HIGH] CVE-2018-5810: libraw - An error within the "rollei_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash.
Scope: local
bookworm: resolved (fixed in 0.18.11-1); bullseye: resolved (fixed in 0.18.11-1); forky: resolved (fixed in 0.18.11-1); sid: resolved (fixed in 0.18.11-1); trixie:
debian
CVE-2018-5818 | HIGH | CVSS 7.5 | fixed in libraw 0.19.1-1 (bookworm) | 2018
[HIGH] CVE-2018-5818: libraw - An error within the "parse_rollei()" function (internal/dcraw_common.cpp) within LibRaw versions prior to 0.19.1 can be exploited to trigger an infinite loop.
Scope: local
bookworm: resolved (fixed in 0.19.1-1); bullseye: resolved (fixed in 0.19.1-1); forky: resolved (fixed in 0.19.1-1); sid: resolved (fixed in 0.19.1-1); trixie: resolved (fixed in 0.19.1-1)
debian
CVE-2018-5802 | HIGH | CVSS 8.8 | fixed in libraw 0.18.7-1 (bookworm) | 2018
[HIGH] CVE-2018-5802: libraw - An error within the "kodak_radc_load_raw()" function (internal/dcraw_common.cpp) related to the "buf" variable in LibRaw versions prior to 0.18.7 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.
Scope: local
bookworm: resolved (fixed in 0.18.7-1); bullseye: resolved (fixed in 0.18.7-1); forky: resolved (fixed in 0.18.7-1); sid:
debian
CVE-2018-20337 | HIGH | CVSS 8.8 | fixed in libraw 0.19.2-1 (bookworm) | 2018
[HIGH] CVE-2018-20337: libraw - There is a stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp in LibRaw 0.19.1. Crafted input will lead to a denial of service or possibly unspecified other impact.
Scope: local
bookworm: resolved (fixed in 0.19.2-1); bullseye: resolved (fixed in 0.19.2-1); forky: resolved (fixed in 0.19.2-1); sid: resolved (fixed in 0.19.2-1); trixie: resolv
debian
CVE-2018-5819 | HIGH | CVSS 7.5 | fixed in libraw 0.19.1-1 (bookworm) | 2018
[HIGH] CVE-2018-5819: libraw - An error within the "parse_sinar_ia()" function (internal/dcraw_common.cpp) within LibRaw versions prior to 0.19.1 can be exploited to exhaust available CPU resources.
Scope: local
bookworm: resolved (fixed in 0.19.1-1); bullseye: resolved (fixed in 0.19.1-1); forky: resolved (fixed in 0.19.1-1); sid: resolved (fixed in 0.19.1-1); trixie: resolved (fixed in 0.19.1-1)
debian
CVE-2018-5807 | HIGH | CVSS 8.8 | fixed in libraw 0.18.11-1 (bookworm) | 2018
[HIGH] CVE-2018-5807: libraw - An error within the "samsung_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.
Scope: local
bookworm: resolved (fixed in 0.18.11-1); bullseye: resolved (fixed in 0.18.11-1); forky: resolved (fixed in 0.18.11-1); sid: resolved (fixed in 0.18.11-1)
debian
CVE-2018-5817 | HIGH | CVSS 7.5 | fixed in libraw 0.19.1-1 (bookworm) | 2018
[HIGH] CVE-2018-5817: libraw - A type confusion error within the "unpacked_load_raw()" function within LibRaw versions prior to 0.19.1 (internal/dcraw_common.cpp) can be exploited to trigger an infinite loop.
Scope: local
bookworm: resolved (fixed in 0.19.1-1); bullseye: resolved (fixed in 0.19.1-1); forky: resolved (fixed in 0.19.1-1); sid: resolved (fixed in 0.19.1-1); trixie: resolved (fixed in 0.19.
debian
CVE-2018-5800 | MEDIUM | CVSS 6.5 | fixed in libraw 0.18.7-1 (bookworm) | 2018
[MEDIUM] CVE-2018-5800: libraw - An off-by-one error within the "LibRaw::kodak_ycbcr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.7 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash.
Scope: local
bookworm: resolved (fixed in 0.18.7-1); bullseye: resolved (fixed in 0.18.7-1); forky: resolved (fixed in 0.18.7-1); sid: resolved (fixe
debian
CVE-2018-5801 | MEDIUM | CVSS 6.5 | fixed in libraw 0.18.7-1 (bookworm) | 2018
[MEDIUM] CVE-2018-5801: libraw - An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) in LibRaw versions prior to 0.18.7 can be exploited to trigger a NULL pointer dereference.
Scope: local
bookworm: resolved (fixed in 0.18.7-1); bullseye: resolved (fixed in 0.18.7-1); forky: resolved (fixed in 0.18.7-1); sid: resolved (fixed in 0.18.7-1); trixie: resolved (fixed in 0.18.7-1)
debian
CVE-2018-20364 | MEDIUM | CVSS 6.5 | fixed in libraw 0.19.2-2 (bookworm) | 2018
[MEDIUM] CVE-2018-20364: libraw - LibRaw::copy_bayer in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer dereference.
Scope: local
bookworm: resolved (fixed in 0.19.2-2); bullseye: resolved (fixed in 0.19.2-2); forky: resolved (fixed in 0.19.2-2); sid: resolved (fixed in 0.19.2-2); trixie: resolved (fixed in 0.19.2-2)
debian
CVE-2018-5811 | MEDIUM | CVSS 6.5 | fixed in libraw 0.18.11-1 (bookworm) | 2018
[MEDIUM] CVE-2018-5811: libraw - An error within the "nikon_coolscan_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.
Scope: local
bookworm: resolved (fixed in 0.18.11-1); bullseye: resolved (fixed in 0.18.11-1); forky: resolved (fixed in 0.18.11-1); sid: resolved (fixed in 0
debian
CVE-2018-20365 | MEDIUM | CVSS 6.5 | fixed in libraw 0.19.2-2 (bookworm) | 2018
[MEDIUM] CVE-2018-20365: libraw - LibRaw::raw2image() in libraw_cxx.cpp has a heap-based buffer overflow.
Scope: local
bookworm: resolved (fixed in 0.19.2-2); bullseye: resolved (fixed in 0.19.2-2); forky: resolved (fixed in 0.19.2-2); sid: resolved (fixed in 0.19.2-2); trixie: resolved (fixed in 0.19.2-2)
debian