Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Desktop 12 SP3 package libraw, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (24)
CVE-2015-8367 — CVSS 9.8 (critical): The phase_one_correct function in Libraw before 0.17.1 allows attackers to cause memory errors and possibly execute arbitrary code, related…
CVE-2017-6889 — CVSS 9.8 (critical): An integer overflow error within the "foveon_load_camf()" function (dcraw_foveon.c) in LibRaw-demosaic-pack-GPL2 before 0.18.2 can be…
CVE-2017-6890 — CVSS 9.8 (critical): A boundary error within the "foveon_load_camf()" function (dcraw_foveon.c) when initializing a huffman table in LibRaw-demosaic-pack-GPL2…
CVE-2017-6886 — CVSS 9.8 (critical): An error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to corrupt…
CVE-2017-14608 — CVSS 9.1 (critical): In LibRaw through 0.18.4, an out of bounds read flaw related to kodak_65000_load_raw has been reported in dcraw/dcraw.c and…
CVE-2017-16909 — CVSS 8.8 (high): An error related to the "LibRaw::panasonic_load_raw()" function (dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited to…
CVE-2018-5805 — CVSS 8.8 (high): A boundary error within the "quicktake_100_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be…
CVE-2018-5808 — CVSS 8.8 (high): An error within the "find_green()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a…
CVE-2018-5810 — CVSS 8.8 (high): An error within the "rollei_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a…
CVE-2018-5802 — CVSS 8.8 (high): An error within the "kodak_radc_load_raw()" function (internal/dcraw_common.cpp) related to the "buf" variable in LibRaw versions prior to…
CVE-2017-6887 — CVSS 7.8 (high): A boundary error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to…
CVE-2018-5817 — CVSS 7.5 (high): A type confusion error within the "unpacked_load_raw()" function within LibRaw versions prior to 0.19.1 (internal/dcraw_common.cpp) can be…
CVE-2017-13735 — CVSS 7.5 (high): There is a floating point exception in the kodak_radc_load_raw function in dcraw_common.cpp in LibRaw 0.18.2. It will lead to a remote…
CVE-2018-5818 — CVSS 7.5 (high): An error within the "parse_rollei()" function (internal/dcraw_common.cpp) within LibRaw versions prior to 0.19.1 can be exploited to…
CVE-2018-5819 — CVSS 7.5 (high): An error within the "parse_sinar_ia()" function (internal/dcraw_common.cpp) within LibRaw versions prior to 0.19.1 can be exploited to…
CVE-2018-5800 — CVSS 6.5 (medium): An off-by-one error within the "LibRaw::kodak_ycbcr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.7 can…
CVE-2018-5801 — CVSS 6.5 (medium): An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) in LibRaw versions prior to 0.18.7 can be exploited to trigger a NULL…
CVE-2018-5806 — CVSS 6.5 (medium): An error within the "leaf_hdr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to…
CVE-2018-5813 — CVSS 6.5 (medium): An error within the "parse_minolta()" function (dcraw/dcraw.c) in LibRaw versions prior to 0.18.11 can be exploited to trigger an infinite…
CVE-2017-6899 — CVSS 6.2 (medium): The msm_bus_dbg_update_request_write function in drivers/platform/msm/msm_bus/msm_bus_dbg.c in android_kernel_huawei_msm8916 through…
CVE-2015-3885 — CVSS 4.3 (medium): Integer overflow in the ljpeg_start function in dcraw 7.00 and earlier allows remote attackers to cause a denial of service (crash) via a…