A null pointer dereference vulnerability was found in libraw 20.0, in parse_tiff_ifd in src/metadata/tiff.cpp, which may result in context-dependent arbitrary code execution.

References: https://github.com/LibRaw/LibRaw/issues/335
Created LibRaw tracking bugs for this issue:
Affects: epel-6 [bug 1882351]
Affects: fedora-all [bug 1882349]

Created mingw-LibRaw tracking bugs for this issue:
Affects: fedora-all [bug 1882350]
L#13165 of internal/dcraw_common.cpp is where the subject code is in 0.19.5.
I get no such segfault using LibRaw 0.19.5 as built with g++ 9.3.1 on Fedora. I also do not get it on RHEL7 using g++ 4.8.5 or on RHEL8 using g++ 8.3.1 with the respectively shipped LibRaw rpms. The upstream maintainer identified this as a compiler problem as built by the reporter as the code in LibRaw is correct[1].

1. https://github.com/LibRaw/LibRaw/issues/335#issuecomment-677637276
Statement: LibRaw as shipped in Red Hat Enterprise Linux 7 and 8 is not affected by this flaw - the flaw seems to be isolated to the specific compiler version used to build LibRaw by the reporter. Versions of g++ and LibRaw as shipped did not exhibit the flaw.
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-24890