Bug 1574313 (CVE-2018-10528) - CVE-2018-10528 LibRaw: Stack-based buffer overflow in libraw_cxx.cpp:utf2char() allows for potential code execution
Summary: CVE-2018-10528 LibRaw: Stack-based buffer overflow in libraw_cxx.cpp:utf2char...
Keywords:
Status: CLOSED WONTFIX
Alias: CVE-2018-10528
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1543597 1574319 1574320 1574321 1574322 1575861
Blocks: 1574330
TreeView+ depends on / blocked
 
Reported: 2018-05-03 04:55 UTC by Sam Fowler
Modified: 2020-04-22 04:31 UTC (History)
6 users (show)

Fixed In Version: LibRaw 0.18.10
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2020-04-22 04:31:46 UTC


Attachments (Terms of Use)

Description Sam Fowler 2018-05-03 04:55:51 UTC
LibRaw through version 0.18.9 is vulnerable to a stack-based buffer overflow in the libraw_cxx.cpp:utf2char() function. An attacker could exploit this to cause a crash or potentially execute arbitrary code.


Upstream Issue:

https://github.com/LibRaw/LibRaw/issues/144

Upstream Patch:

https://github.com/LibRaw/LibRaw/commit/895529fc2f2eb8bc633edd6b04b5b237eb4db564

Comment 1 Sam Fowler 2018-05-03 05:07:54 UTC
Created LibRaw tracking bugs for this issue:

Affects: epel-6 [bug 1574321]
Affects: fedora-all [bug 1574322]


Created mingw-LibRaw tracking bugs for this issue:

Affects: fedora-all [bug 1574319]

Comment 4 Debarshi Ray 2018-09-27 14:17:23 UTC
This was fixed in LibRaw 0.19.0-Beta4 and 0.18.10.

Comment 6 Product Security DevOps Team 2020-04-22 04:31:46 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2018-10528


Note You need to log in before you can comment on or make changes to this bug.