CVE-2018-5811

Name of the Vulnerable Software and Affected Versions LibRaw versions prior to 0.18.9

Description The issue is related to an out-of-bounds read in the internal/dcraw common.cpp component of the LibRaw image processing library. This can be exploited by a remote attacker to cause a denial of service. The nikon coolscan load raw() function is specifically vulnerable to this out-of-bounds read memory access, which can lead to a crash.

Recommendations For versions prior to 0.18.9, update to version 0.18.9 or later to resolve the issue. As a temporary workaround, consider disabling the nikon coolscan load raw() function until a patch is available.