Ubuntu update for libraw

1) Buffer overflow

EUVDB-ID: #VU31920

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-15503

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error in "decoders/unpack_thumb.cpp", "postprocessing/mem_image.cpp" and u"tils/thumb_utils.cpp". A remote attacker can trigger memory corruption and cause a denial of service condition on the target system.

Mitigation

Update the affected package libraw to the latest version.

Vulnerable software versions

Ubuntu: 18.04 - 20.04

libraw16 (Ubuntu package): before 0.18.8-1ubuntu0.4

libraw19 (Ubuntu package): before 0.19.5-1ubuntu1.1

External links

http://ubuntu.com/security/notices/USN-5715-1

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Out-of-bounds write

EUVDB-ID: #VU69256

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-35530

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input within the new_node() function in librawsrcx3fx3f_utils_patched.cpp. A remote attacker can create a specially crafted X3F file, trick the victim into opening it using the affected software, trigger out-of-bounds write and execute arbitrary code on the target system.

Mitigation

Update the affected package libraw to the latest version.

Vulnerable software versions

Ubuntu: 18.04 - 20.04

libraw16 (Ubuntu package): before 0.18.8-1ubuntu0.4

libraw19 (Ubuntu package): before 0.19.5-1ubuntu1.1

External links

http://ubuntu.com/security/notices/USN-5715-1

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Out-of-bounds read

EUVDB-ID: #VU69253

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-35531

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition within the get_huffman_diff() function in librawsrcx3fx3f_utils_patched.cpp. A remote attacker can trick the victim to open a specially crafted file, trigger an out-of-bounds read error and crash the application.

Mitigation

Update the affected package libraw to the latest version.

Vulnerable software versions

Ubuntu: 18.04 - 20.04

libraw16 (Ubuntu package): before 0.18.8-1ubuntu0.4

libraw19 (Ubuntu package): before 0.19.5-1ubuntu1.1

External links

http://ubuntu.com/security/notices/USN-5715-1

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Out-of-bounds read

EUVDB-ID: #VU69255

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-35532

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition within the simple_decode_row() function in librawsrcx3fx3f_utils_patched.cpp. A remote attacker can trick the victim to open a specially crafted file, trigger an out-of-bounds read error and crash the application.

Mitigation

Update the affected package libraw to the latest version.

Vulnerable software versions

Ubuntu: 18.04 - 20.04

libraw16 (Ubuntu package): before 0.18.8-1ubuntu0.4

libraw19 (Ubuntu package): before 0.19.5-1ubuntu1.1

External links

http://ubuntu.com/security/notices/USN-5715-1

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Out-of-bounds read

EUVDB-ID: #VU69254

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-35533

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition within the LibRaw::adobe_copy_pixel() function in librawsrcdecodersdng.cpp. A remote attacker can trick the victim to open a specially crafted file, trigger an out-of-bounds read error and crash the application.

Mitigation

Update the affected package libraw to the latest version.

Vulnerable software versions

Ubuntu: 18.04 - 20.04

libraw16 (Ubuntu package): before 0.18.8-1ubuntu0.4

libraw19 (Ubuntu package): before 0.19.5-1ubuntu1.1

External links

http://ubuntu.com/security/notices/USN-5715-1

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.