Lexa

**Name of the Vulnerable Software and Affected Versions** LibRaw versions prior to 0.21.4 **Description** The issue is related to an out-of-bounds read in the Fujifilm 0xf00c tag parser within the metadata/tiff.cpp file. **Recommendations** For versions prior to 0.21.4, update to version 0.21.4 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** LibRaw versions prior to 0.21.4 **Description** The issue is related to out-of-bounds reads in the `phase one correct` function within `decoders/load mfbacks.cpp` for tag 0x412 processing. This is caused by large `w0` or `w1` values or the `frac` and `mult` calculations. **Recommendations** For versions prior to 0.21.4, update to version 0.21.4 or later to resolve the issue. As a temporary workaround, consider restricting the input values for `w0` and `w1` to prevent large values that could cause out-of-bounds reads.

**Name of the Vulnerable Software and Affected Versions** LibRaw versions prior to 0.21.4 **Description** The issue arises from the `phase one correct` function in `decoders/load mfbacks.cpp`, which allows out-of-buffer access. This occurs because the `split col` and `split row` values are not checked during the processing of the `0x041f` tag. **Recommendations** For versions prior to 0.21.4, update to version 0.21.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the `load mfbacks.cpp` decoder to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** LibRaw versions prior to 0.21.4 **Description** The issue arises from the processing of tag 0x412 in the phase one correct function within decoders/load mfbacks.cpp, where minimum w0 and w1 values are not enforced. **Recommendations** For versions prior to 0.21.4, update to version 0.21.4 or later to resolve the issue.