A flaw was found in LibRaw 0.19.1: a stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp. Crafted input will lead to a denial of service.
Created LibRaw tracking bugs for this issue:
Affects: epel-6 [bug 1661558]
Affects: fedora-all [bug 1661557]
Created mingw-LibRaw tracking bugs for this issue:
Affects: fedora-all [bug 1661556]
Function parse_makernote() in internal/dcraw_common.cpp does not correctly sanitize the ynum_len when dealing with FUJI raw images, possibly causing a stack-based buffer overflow.
This issue did not affect the versions of LibRaw as shipped with Red Hat Enterprise Linux 7 as they did not include support for Fuji maker notes.
This is fixed in LibRaw-0.19.2.
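The bug class described above (a length like ynum_len taken from file data and used to fill a fixed stack buffer) is closed by validating the length before the copy. The following is an added illustration, not LibRaw's code or its 0.19.2 patch; `extract_field`, `field_fits`, `FIELD_BUF` and `SUFFIX_LEN` are hypothetical names and sizes chosen for the example.

```c
#include <stddef.h>
#include <string.h>

#define FIELD_BUF  16  /* hypothetical size of the fixed stack buffer */
#define SUFFIX_LEN 18  /* hypothetical fixed-width tail that follows the field */

/* Copy the leading field of a maker-note token into out[].
 * The field length is derived from the input, so it is checked against
 * both ends of the valid range before any byte is written.
 * Returns the number of bytes copied, or -1 if the token is rejected. */
int extract_field(const char *token, size_t token_cap,
                  char *out, size_t out_cap)
{
    if (!token || !out || out_cap == 0)
        return -1;
    out[0] = '\0';

    /* Bounded length: never scan past the record that holds the token. */
    const char *nul = memchr(token, '\0', token_cap);
    size_t tok_len = nul ? (size_t)(nul - token) : token_cap;

    /* Lower bound: a short token would make the derived length zero or
     * negative (wrapping to a huge value if the type is unsigned). */
    if (tok_len <= SUFFIX_LEN)
        return -1;

    size_t field_len = tok_len - SUFFIX_LEN;   /* input-controlled value */

    /* Upper bound: leave room for the terminator in the destination. */
    if (field_len > out_cap - 1)
        return -1;

    memcpy(out, token, field_len);
    out[field_len] = '\0';
    return (int)field_len;
}

/* Caller with a fixed stack buffer, the situation the advisory describes. */
int field_fits(const char *token, size_t token_cap)
{
    char field[FIELD_BUF];
    return extract_field(token, token_cap, field, sizeof field);
}
```

Rejecting the token, rather than silently truncating it, also gives the caller a signal that the file is malformed.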
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
This issue has been addressed in the following products:
Red Hat Enterprise Linux 8
Via RHSA-2020:1766 https://access.redhat.com/errata/RHSA-2020:1766