An error within the "kodak_radc_load_raw()" function (internal/dcraw_common.cpp) related to the "buf" variable can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.
This was fixed in LibRaw-0.18.7. The commit message has 7 typoed as 17.
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2018:3065 https://access.redhat.com/errata/RHSA-2018:3065