An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) can be exploited to trigger a NULL pointer dereference. External References: https://packetstormsecurity.com/files/146172/secunia-libraw.txt Upstream Patch: https://github.com/LibRaw/LibRaw/commit/8682ad204392b91
Created mingw-LibRaw tracking bugs for this issue: Affects: fedora-all [bug 1557159] Created dcraw tracking bugs for this issue: Affects: fedora-all [bug 1557160] Created LibRaw tracking bugs for this issue: Affects: fedora-all [bug 1557157] Created rawtherapee tracking bugs for this issue: Affects: fedora-all [bug 1557163] Created libkdcraw tracking bugs for this issue: Affects: fedora-all [bug 1557161] Created LibRaw tracking bugs for this issue: Affects: epel-6 [bug 1557162]
This was fixed in LibRaw-0.18.7. The commit message has 7 typoed as 17.
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2018:3065 https://access.redhat.com/errata/RHSA-2018:3065