A Stack-based Buffer Overflow was discovered in xtransinterpolate in internal/dcrawcommon.cpp in LibRaw before 0.18.3. It could allow a remote denial of service or code execution attack.
{ "binaries": [ { "binary_name": "libraw-bin", "binary_version": "0.15.4-1ubuntu0.1" }, { "binary_name": "libraw-bin-dbgsym", "binary_version": "0.15.4-1ubuntu0.1" }, { "binary_name": "libraw-dev", "binary_version": "0.15.4-1ubuntu0.1" }, { "binary_name": "libraw-doc", "binary_version": "0.15.4-1ubuntu0.1" }, { "binary_name": "libraw9", "binary_version": "0.15.4-1ubuntu0.1" }, { "binary_name": "libraw9-dbgsym", "binary_version": "0.15.4-1ubuntu0.1" } ], "ubuntu_priority": "medium", "availability": "No subscription required" }
{ "binaries": [ { "binary_name": "libraw-bin", "binary_version": "0.17.1-1ubuntu0.1" }, { "binary_name": "libraw-bin-dbgsym", "binary_version": "0.17.1-1ubuntu0.1" }, { "binary_name": "libraw-dev", "binary_version": "0.17.1-1ubuntu0.1" }, { "binary_name": "libraw-doc", "binary_version": "0.17.1-1ubuntu0.1" }, { "binary_name": "libraw15", "binary_version": "0.17.1-1ubuntu0.1" }, { "binary_name": "libraw15-dbgsym", "binary_version": "0.17.1-1ubuntu0.1" } ], "ubuntu_priority": "medium", "availability": "No subscription required" }
{ "binaries": [ { "binary_name": "libraw-bin", "binary_version": "0.18.5-1" }, { "binary_name": "libraw-bin-dbgsym", "binary_version": "0.18.5-1" }, { "binary_name": "libraw-dev", "binary_version": "0.18.5-1" }, { "binary_name": "libraw-doc", "binary_version": "0.18.5-1" }, { "binary_name": "libraw16", "binary_version": "0.18.5-1" }, { "binary_name": "libraw16-dbgsym", "binary_version": "0.18.5-1" } ], "ubuntu_priority": "medium", "availability": "No subscription required" }