Bug 1097973 - (CVE-2018-5805) VUL-0: CVE-2018-5805: libraw,dcraw: Stack-based buffer overflow in quicktake_100_load_raw() function in internal/dcraw_common.cpp
(CVE-2018-5805)
VUL-0: CVE-2018-5805: libraw,dcraw: Stack-based buffer overflow in quicktake_...
Status: REOPENED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/208350/
CVSSv3:SUSE:CVE-2018-5805:6.2:(AV:L/...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2018-06-18 06:40 UTC by Alexander Bergmann
Modified: 2022-05-19 19:22 UTC (History)
4 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Alexander Bergmann 2018-06-18 06:40:31 UTC
rh#1591887

A boundary error within the "quicktake_100_load_raw()" function
(internal/dcraw_common.cpp) can be exploited to cause a stack-based
buffer overflow and subsequently cause a crash.

References:

https://secuniaresearch.flexerasoftware.com/secunia_research/2018-03

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1591887
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5805
Comment 2 Matthias Gerstner 2018-09-21 09:02:20 UTC
For the record, this is the upstream fix:

https://github.com/LibRaw/LibRaw/commit/9f26ce37f5be86ea11bfc6831366558650b1f6ff
Comment 4 Petr Gajdos 2018-12-19 12:03:22 UTC
For libraw: already fixed libraw-SA81000.patch.

Will adjust rpm changelogs for 42.3/libraw and 12/libraw.
Comment 5 Petr Gajdos 2018-12-19 12:17:35 UTC
Will submit for: 42.3/libraw and 12/libraw.
Comment 6 Petr Gajdos 2018-12-19 12:40:23 UTC
I believe all fixed for libraw.
Comment 8 Swamp Workflow Management 2018-12-19 13:40:06 UTC
This is an autogenerated message for OBS integration:
This bug (1097973) was mentioned in
https://build.opensuse.org/request/show/660000 42.3 / libraw
Comment 11 Swamp Workflow Management 2018-12-28 23:16:03 UTC
openSUSE-SU-2018:4299-1: An update that fixes 5 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1097973,1097974,1097975,1118894
CVE References: CVE-2018-5804,CVE-2018-5805,CVE-2018-5806,CVE-2018-5808,CVE-2018-5816
Sources used:
openSUSE Leap 42.3 (src):    libraw-0.17.1-26.1
Comment 12 Swamp Workflow Management 2019-01-02 19:06:43 UTC
SUSE-SU-2019:0002-1: An update that fixes three vulnerabilities is now available.

Category: security (moderate)
Bug References: 1097973,1097974,1118894
CVE References: CVE-2018-5805,CVE-2018-5806,CVE-2018-5808
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP4 (src):    libraw-0.15.4-27.1
SUSE Linux Enterprise Workstation Extension 12-SP3 (src):    libraw-0.15.4-27.1
SUSE Linux Enterprise Software Development Kit 12-SP4 (src):    libraw-0.15.4-27.1
SUSE Linux Enterprise Software Development Kit 12-SP3 (src):    libraw-0.15.4-27.1
SUSE Linux Enterprise Desktop 12-SP4 (src):    libraw-0.15.4-27.1
SUSE Linux Enterprise Desktop 12-SP3 (src):    libraw-0.15.4-27.1
Comment 13 Petr Ostadal 2022-04-07 08:55:24 UTC
fixed
Comment 14 Robert Frohl 2022-04-07 09:09:07 UTC
please re-assign tickets that are done to the security team to verify if the issue is complete as this is not straight forward. We have tracking in place which makes this easier for us.

In this specific case dcraw is still unfixed and would need submissions in SUSE:SLE-12:Update.
Comment 16 Swamp Workflow Management 2022-04-20 10:29:21 UTC
SUSE-SU-2022:1277-1: An update that fixes 11 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1056170,1063798,1084690,1097973,1097974,1117436,1117512,1117517,1117622,1117896,1189642
CVE References: CVE-2017-13735,CVE-2017-14608,CVE-2018-19565,CVE-2018-19566,CVE-2018-19567,CVE-2018-19568,CVE-2018-19655,CVE-2018-5801,CVE-2018-5805,CVE-2018-5806,CVE-2021-3624
JIRA References: 
Sources used:
openSUSE Leap 15.4 (src):    dcraw-9.28.0-150000.3.3.1
openSUSE Leap 15.3 (src):    dcraw-9.28.0-150000.3.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 17 Swamp Workflow Management 2022-05-19 19:22:44 UTC
SUSE-SU-2022:1749-1: An update that fixes 11 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1056170,1063798,1084690,1097973,1097974,1117436,1117512,1117517,1117622,1117896,1189642
CVE References: CVE-2017-13735,CVE-2017-14608,CVE-2018-19565,CVE-2018-19566,CVE-2018-19567,CVE-2018-19568,CVE-2018-19655,CVE-2018-5801,CVE-2018-5805,CVE-2018-5806,CVE-2021-3624
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP5 (src):    dcraw-9.28.0-3.3.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    dcraw-9.28.0-3.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.