PT-2018-15012 · Dave Coffin+3 · Dcraw+3

Hanno Böck

Published

2018-06-06

Updated

2024-06-15

CVE-2018-19568

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions dcraw versions through 9.28

Description A floating point exception in the kodak radc load raw function in dcraw could be used by attackers who can supply malicious files to crash an application that uses the dcraw code.

Recommendations For versions through 9.28, update to a version that fixes the floating point exception issue in the kodak radc load raw function to prevent application crashes from malicious files.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

ALT-PU-2018-1857

CVE-2018-19568

MGASA-2022-0160

OPENSUSE-SU-2022_1277-1

OPENSUSE-SU-2024:11997-1

SUSE-SU-2022:1277-1

SUSE-SU-2022:1749-1

Affected Products

Alt Linux

Debian

Suse

Dcraw

PT-2018-15012 · Dave Coffin+3 · Dcraw+3

CVE-2018-19568

Weakness Enumeration

Related Identifiers

Affected Products

References · 41