CVE-2018-5807

Name of the Vulnerable Software and Affected Versions LibRaw versions prior to 0.18.9

Description The issue is related to an out-of-bounds read in the internal/dcraw common.cpp component of the LibRaw image processing library. This can be exploited by a remote attacker to access confidential data, compromise data integrity, and cause a denial of service. The samsung load raw() function is specifically vulnerable to this out-of-bounds read memory access, which can lead to a crash.

Recommendations For versions prior to 0.18.9, update to version 0.18.9 or later to resolve the issue. As a temporary workaround, consider restricting access to the samsung load raw() function in the internal/dcraw common.cpp component until a patch is available.