CFITSIO through version 3.42 has a stack-based buffer overflow vulnerability in the ffghtb() function that can potentially allow an attacker to execute code via a crafted FITS image file.
Created cfitsio tracking bugs for this issue:
Affects: fedora-all [bug 1568189]
Affects: epel-all [bug 1568186]
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):