SB2018122504 - Denial of service in libraw

Description

This security bulletin contains information about 4 secuirty vulnerabilities.

1) NULL pointer dereference (CVE-ID: CVE-2018-20363)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in libraw_cxx.cpp in. A remote attacker can trick the victim into opening a specially crafted input and perform a denial of service (DoS) attack.

2) NULL pointer dereference (CVE-ID: CVE-2018-20364)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in libraw_cxx.cpp. A remote attacker can trick the victim into opening a specially crafted input and perform a denial of service (DoS) attack.

3) Heap-based buffer overflow (CVE-ID: CVE-2018-20365)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to heap-based buffer overflow in libraw_cxx.cpp. A remote attacker can trick the victim into opening a specially crafted input, trigger memory corruption and perform DoS attack.

4) Stack-based buffer overflow (CVE-ID: CVE-2018-20337)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp. A remote attacker can trick the victim into opening a specially crafted input, trigger memory corruption and perform DoS attack.

Remediation

Install update from vendor's website.

References

• https://github.com/LibRaw/LibRaw/issues/193
• https://github.com/LibRaw/LibRaw/issues/194
• https://github.com/LibRaw/LibRaw/issues/195
• https://github.com/LibRaw/LibRaw/issues/192