CVE-2025-43962

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2025-43962
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-43962.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-43962
Downstream
Related
Published
2025-04-21T00:15:33Z
Modified
2025-10-18T06:41:35.089050Z
Severity
  • 9.1 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H CVSS Calculator
Summary
[none]
Details

In LibRaw before 0.21.4, phaseonecorrect in decoders/load_mfbacks.cpp has out-of-bounds reads for tag 0x412 processing, related to large w0 or w1 values or the frac and mult calculations.

References

Affected packages

Git / github.com/libraw/libraw

Affected ranges

Type
GIT
Repo
https://github.com/libraw/libraw
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
66fe663e02a4dd610b4e832f5d9af326709336c2

Affected versions

0.*

0.11.0-Release
0.11.1
0.11.2
0.12.0
0.12.1
0.13.0
0.13.1
0.13.2
0.13.3
0.13.4
0.13.5
0.13.6
0.13.7
0.13.8
0.14.0
0.14.1
0.14.2
0.14.3
0.14.4
0.14.5
0.14.6
0.15.0
0.16.0
0.17.0
0.18.0
0.20-RC2
0.20.0
0.20.1
0.20.2
0.21-Beta1
0.21.0
0.21.1
0.21.2
0.21.3

Database specific

vanir_signatures

[
    {
        "digest": {
            "line_hashes": [
                "75786639247811888695911691908770333442",
                "324188435116035207719336047085610968737",
                "184364749296307487760383253901577428781",
                "224910600199708085947552526714899231778",
                "290284909087423115652512491364097126734",
                "55232918697542156197087610958187377546",
                "208270328290047128007542164269810146193",
                "15673720975732090322039602822053826542",
                "229285344664976981124185169925684502259",
                "255436438739078153814130833548018329962",
                "138824071107219638206291012640650950126",
                "27231935912625183278001478895860733106",
                "263513715267664076340441701824277963639",
                "21208839337331315008813833213585735771",
                "185629750238778966012308780677370087545",
                "272486708748459356131483158048483395523",
                "117366396116827941393545487037155046471",
                "325286465215510775806104540139564247517",
                "239375309794674083855298311838696802710",
                "189284190228368588943615018686319565665",
                "118133643838218130326613630517333623472",
                "83495295596959631691127737588956505173",
                "243153432370433765723500813854770931557",
                "142332137698307746172956350091343076244",
                "301470813346256709690486566347437149828"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2025-43962-a8867a26",
        "target": {
            "file": "src/metadata/tiff.cpp"
        },
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/libraw/libraw/commit/66fe663e02a4dd610b4e832f5d9af326709336c2",
        "signature_type": "Line"
    },
    {
        "digest": {
            "function_hash": "197872948769677158610949855518456599555",
            "length": 39561.0
        },
        "id": "CVE-2025-43962-af2a4d39",
        "target": {
            "function": "LibRaw::parse_tiff_ifd",
            "file": "src/metadata/tiff.cpp"
        },
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/libraw/libraw/commit/66fe663e02a4dd610b4e832f5d9af326709336c2",
        "signature_type": "Function"
    },
    {
        "digest": {
            "line_hashes": [
                "227255839399777494310220549945935304710",
                "47652950835096864347591816135174446054",
                "871839194140884956346434446416526218",
                "313944228688491406369686973250630163866",
                "268144868560653473932482666219597082506",
                "121199975125118014332712506648346829704",
                "30592309213274763928530496170015720076",
                "280560097526375837232063219019104278151",
                "43689934646373510547775889377772530341",
                "265763856735334934025136245109914832870",
                "174579587141248787746192459117457290869"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2025-43962-de32d6c2",
        "target": {
            "file": "src/decoders/load_mfbacks.cpp"
        },
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/libraw/libraw/commit/66fe663e02a4dd610b4e832f5d9af326709336c2",
        "signature_type": "Line"
    },
    {
        "digest": {
            "function_hash": "16641124102554756246182794909367149692",
            "length": 8866.0
        },
        "id": "CVE-2025-43962-f3fbb1ed",
        "target": {
            "function": "LibRaw::phase_one_correct",
            "file": "src/decoders/load_mfbacks.cpp"
        },
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/libraw/libraw/commit/66fe663e02a4dd610b4e832f5d9af326709336c2",
        "signature_type": "Function"
    }
]