libraw: Multiple vulnerabilities (CVE-2017-6886, CVE-2017-6887)
CVE-2017-6886: Memory corruption in the parse_tiff_ifd()
An error within the “parse_tiff_ifd()” function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to corrupt memory.
Fixed In Version:
LibRaw 0.18.2
References:
https://secuniaresearch.flexerasoftware.com/secunia\_research/2017-5/
https://nvd.nist.gov/vuln/detail/CVE-2017-6886
Patch:
https://github.com/LibRaw/LibRaw/commit/d7c3d2cb460be10a3ea7b32e9443a83c243b2251
CVE-2017-6887: Boundary error in the parse_tiff_ifd()
A boundary error within the “parse_tiff_ifd()” function
(internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be
exploited to cause a memory
corruption via e.g. a specially crafted KDC file with model set to
“DSLR-A100” and containing multiple sequences of 0x100 and 0x14A TAGs.
Fixed In Version:
LibRaw 0.18.2
References:
https://secuniaresearch.flexerasoftware.com/secunia\_research/2017-6/
https://nvd.nist.gov/vuln/detail/CVE-2017-6887
Patch:
https://github.com/LibRaw/LibRaw/commit/d7c3d2cb460be10a3ea7b32e9443a83c243b2251
(from redmine: issue id 7740, created on 2017-08-22, closed on 2017-09-05)
- Relations:
- child #7741 (closed)
- child #7742 (closed)
- child #7743 (closed)
- child #7744 (closed)