An error within the "kodak_radc_load_raw()" function (internal/dcraw_common.cpp) related to the "buf" variable can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash. External References: https://packetstormsecurity.com/files/146172/secunia-libraw.txt Upstream Patch: https://github.com/LibRaw/LibRaw/commit/8682ad204392b91
This was fixed in LibRaw-0.18.7. The commit message has 7 typoed as 17.
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2018:3065 https://access.redhat.com/errata/RHSA-2018:3065
Created LibRaw tracking bugs for this issue: Affects: epel-6 [bug 1826585] Affects: fedora-all [bug 1826580] Created dcraw tracking bugs for this issue: Affects: fedora-all [bug 1826582] Created libkdcraw tracking bugs for this issue: Affects: fedora-all [bug 1826583] Created mingw-LibRaw tracking bugs for this issue: Affects: fedora-all [bug 1826581] Created rawtherapee tracking bugs for this issue: Affects: fedora-all [bug 1826584]