A vulnerability has been found in LibRaw where a heap buffer overflow may lead to an application crash.
Package | media-libs/libraw on all architectures |
---|---|
Affected versions | < 0.21.1-r1 |
Unaffected versions | >= 0.21.1-r1 |
LibRaw is a library for reading RAW files obtained from digital photo cameras.
A vulnerability has been discovered in LibRaw. Please review the CVE identifier referenced below for details.
A heap-buffer-overflow in raw2image_ex() caused by a maliciously crafted file may lead to an application crash.
There is no known workaround at this time.
All LibRaw users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=media-libs/libraw-0.21.1-r1"
Release date
December 22, 2023
Latest revision
December 22, 2023: 1
Severity
high
Exploitable
remote
Bugzilla entries