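An integer overflow in the ljpeg_start function in dcraw 7.00 and earlier, related to the len variable, leads to a buffer overflow when a crafted image is parsed. Remote attackers can use such an image to cause a denial of service (crash). The package entries below are for libraw and freeimage, which include code derived from dcraw.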
{ "binaries": [ { "binary_name": "libraw-bin", "binary_version": "0.15.4-1ubuntu0.1" }, { "binary_name": "libraw-bin-dbgsym", "binary_version": "0.15.4-1ubuntu0.1" }, { "binary_name": "libraw-dev", "binary_version": "0.15.4-1ubuntu0.1" }, { "binary_name": "libraw-doc", "binary_version": "0.15.4-1ubuntu0.1" }, { "binary_name": "libraw9", "binary_version": "0.15.4-1ubuntu0.1" }, { "binary_name": "libraw9-dbgsym", "binary_version": "0.15.4-1ubuntu0.1" } ], "availability": "No subscription required" }
{ "binaries": [ { "binary_name": "libfreeimage-dev", "binary_version": "3.15.4-3ubuntu0.1+esm2" }, { "binary_name": "libfreeimage-dev-dbgsym", "binary_version": "3.15.4-3ubuntu0.1+esm2" }, { "binary_name": "libfreeimage3", "binary_version": "3.15.4-3ubuntu0.1+esm2" }, { "binary_name": "libfreeimage3-dbg", "binary_version": "3.15.4-3ubuntu0.1+esm2" }, { "binary_name": "libfreeimage3-dbgsym", "binary_version": "3.15.4-3ubuntu0.1+esm2" } ], "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro" }