Bug 1553334 (CVE-2018-5801) - CVE-2018-5801 LibRaw: NULL pointer dereference in LibRaw::unpack function src/libraw_cxx.cpp
Summary: CVE-2018-5801 LibRaw: NULL pointer dereference in LibRaw::unpack function src...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2018-5801
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1543597 1557157 1557158 1557159 1557160 1557161 1557162 1557163 1557165 1557170 1557171 1557172 1557173
Blocks: 1553339
TreeView+ depends on / blocked
 
Reported: 2018-03-08 17:14 UTC by Pedro Sampaio
Modified: 2021-02-17 00:40 UTC (History)
15 users (show)

Fixed In Version: LibRaw 0.18.7
Clone Of:
Environment:
Last Closed: 2019-06-10 10:17:14 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2018:3065 0 None None None 2018-10-30 07:29:14 UTC

Description Pedro Sampaio 2018-03-08 17:14:05 UTC 
An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) can be exploited to trigger a NULL pointer dereference.

External References:

https://packetstormsecurity.com/files/146172/secunia-libraw.txt

Upstream Patch:

https://github.com/LibRaw/LibRaw/commit/8682ad204392b91
Comment 3 Dhiru Kholia 2018-03-16 06:38:15 UTC 
Created mingw-LibRaw tracking bugs for this issue:

Affects: fedora-all [bug 1557159]


Created dcraw tracking bugs for this issue:

Affects: fedora-all [bug 1557160]


Created LibRaw tracking bugs for this issue:

Affects: fedora-all [bug 1557157]


Created rawtherapee tracking bugs for this issue:

Affects: fedora-all [bug 1557163]


Created libkdcraw tracking bugs for this issue:

Affects: fedora-all [bug 1557161]


Created LibRaw tracking bugs for this issue:

Affects: epel-6 [bug 1557162]
Comment 7 Debarshi Ray 2018-09-27 13:49:44 UTC 
This was fixed in LibRaw-0.18.7. The commit message has 7 typoed as 17.
Comment 8 errata-xmlrpc 2018-10-30 07:29:04 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2018:3065 https://access.redhat.com/errata/RHSA-2018:3065
Note You need to log in before you can comment on or make changes to this bug.