An error within the "parse_minolta()" function (dcraw/dcraw.c) in LibRaw versions prior to 0.18.11 can be exploited to trigger an infinite loop via a specially crafted file.
References
Link | Resource |
---|---|
https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt | Third Party Advisory |
https://github.com/LibRaw/LibRaw/commit/e47384546b43d0fd536e933249047bc397a4d88b | Patch Third Party Advisory |
https://secuniaresearch.flexerasoftware.com/advisories/83050/ | Permissions Required Third Party Advisory |
https://secuniaresearch.flexerasoftware.com/secunia_research/2018-13/ | Third Party Advisory |
https://usn.ubuntu.com/3838-1/ | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: flexera
Published: 2018-12-07T22:00:00
Updated: 2020-10-20T19:39:50
Reserved: 2018-01-19T00:00:00
Link: CVE-2018-5813
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-12-07T22:29:01.520
Modified: 2020-11-10T19:30:42.883
Link: CVE-2018-5813
JSON object: View
Redhat Information
No data.
CWE