A flaw was found in LibRaw 0.19.1: a stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp. Crafted input will lead to a denial of service.
References: https://github.com/LibRaw/LibRaw/issues/192
Upstream Patch: https://github.com/LibRaw/LibRaw/commit/fbf60377c006eaea8d3eca3f5e4c654909dcdfd2
Created LibRaw tracking bugs for this issue:
Affects: epel-6 [bug 1661558]
Affects: fedora-all [bug 1661557]
Created mingw-LibRaw tracking bugs for this issue:
Affects: fedora-all [bug 1661556]
Function parse_makernote() in internal/dcraw_common.cpp does not correctly sanitize the ynum_len when dealing with FUJI raw images, possibly causing a stack-based buffer overflow.
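
The class of bug described above, as an added illustration that is not LibRaw's source: a length derived from file data has to be bounded before it fills a fixed stack buffer. The names `extract_ynum` and `parse_ynum`, the sizes `SUFFIX_LEN`, `YNUM_SIZE` and `WORD_MAX`, and the sample strings are assumptions made for this example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define SUFFIX_LEN 18  /* assumption: fixed-length tail that follows the field */
#define YNUM_SIZE  16  /* assumption: size of the on-stack destination */
#define WORD_MAX   64  /* assumption: upper bound on one maker-note word */

/* Unbounded pattern of the kind the report describes (comment only, not compiled):
 *     char ynum[YNUM_SIZE];
 *     int ynum_len = (int)strlen(word) - SUFFIX_LEN;  // derived from file data
 *     strncpy(ynum, word, ynum_len);                  // no upper or lower bound
 *     ynum[ynum_len] = 0;
 */

/* Copy the leading field of `word` into `out`; return -1 if it cannot fit. */
static int extract_ynum(const char *word, char *out, size_t out_size)
{
    const char *nul = memchr(word, '\0', WORD_MAX);
    size_t len = nul ? (size_t)(nul - word) : WORD_MAX;
    if (len <= SUFFIX_LEN)
        return -1;                 /* field length would be zero or negative */
    size_t ynum_len = len - SUFFIX_LEN;
    if (ynum_len >= out_size)
        return -1;                 /* field plus terminator exceeds the buffer */
    memcpy(out, word, ynum_len);
    out[ynum_len] = '\0';
    return 0;
}

/* Parse the field as a decimal number using a fixed stack buffer. */
static long parse_ynum(const char *word)
{
    char ynum[YNUM_SIZE];
    if (extract_ynum(word, ynum, sizeof ynum) != 0)
        return -1;
    return strtol(ynum, NULL, 10);
}

int main(void)
{
    /* Constructed samples: a 4-digit field and a 40-digit field, each + 18-byte tail. */
    const char *ok  = "2018" "AAAAAAAAA" "AAAAAAAAA";
    const char *bad = "9999999999999999999999999999999999999999" "AAAAAAAAA" "AAAAAAAAA";
    printf("%ld %ld\n", parse_ynum(ok), parse_ynum(bad));
    return 0;
}
```
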
Statement: This issue did not affect the versions of LibRaw as shipped with Red Hat Enterprise Linux 7 as they did not include support for Fuji maker notes.
This is fixed in LibRaw-0.19.2.
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2018-20337
This issue has been addressed in the following products:
Red Hat Enterprise Linux 8
Via RHSA-2020:1766 https://access.redhat.com/errata/RHSA-2020:1766