#VU11768 Out-of-bounds write in LibRaw - CVE-2018-5802


Vulnerability identifier: #VU11768

Vulnerability risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2018-5802

CWE-ID: CWE-787

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
LibRaw
Universal components / Libraries / Libraries used by multiple products

Vendor: LibRaw LLC

Description
The vulnerability allows a remote attacker to cause DoS condition or execute arbitrary code on the target system.

The weakness exists in the "kodak_radc_load_raw()" function (internal/dcraw_common.cpp) related to the "buf" variable due to incorrect handling of photo files. A remote attacker can submit a specially crafted photo file, trigger out-of-bounds write and cause the service to crash or execute arbitrary code.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation
Update to version 0.18.7.

Vulnerable software versions

LibRaw: 0.18.0 - 0.18.6


External links
https://packetstormsecurity.com/files/cve/CVE-2018-5802


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability