| Bug ID | 1103359 |
|---|---|
| Summary | VUL-1: CVE-2018-5811: libraw: out-of-bounds read in nikon_coolscan_load_raw |
| Classification | openSUSE |
| Product | openSUSE Distribution |
| Version | Leap 42.3 |
| Hardware | Other |
| URL | https://smash.suse.de/issue/211940/ |
| OS | Other |
| Status | NEW |
| Severity | Minor |
| Priority | P5 - None |
| Component | Security |
| Assignee | pgajdos@suse.com |
| Reporter | jsegitz@suse.com |
| QA Contact | security-team@suse.de |
| Found By | Security Response Team |
| Blocker | --- |
rh#1610483 A flaw was found in LibRaw versions before 0.18.9. An error within the nikon_coolscan_load_raw() function (internal/dcraw_common.cpp) can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash. Leap 42.3 affected References: https://secuniaresearch.flexerasoftware.com/secunia_research/2018-10/ https://bugzilla.redhat.com/show_bug.cgi?id=1610483 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5811