Bug 1103206 - (CVE-2018-5815) VUL-1: CVE-2018-5815: libraw: Integer overflow in internal/dcraw_common.cpp:parse_qt() allows for denial of service
(CVE-2018-5815)
VUL-1: CVE-2018-5815: libraw: Integer overflow in internal/dcraw_common.cpp:p...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P4 - Low : Minor
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/211884/
CVSSv3:RedHat:CVE-2018-5815:4.3:(AV:N...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2018-07-31 08:19 UTC by Johannes Segitz
Modified: 2021-09-27 16:40 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Johannes Segitz 2018-07-31 08:19:18 UTC
rh#1610151

LibRaw versions prior to 0.18.12 are vulnerable to an integer overflow in the internal/dcraw_common.cpp:parse_qt() function. An attacker could exploit this to cause an infinite loop via a specially crafted Apple QuickTime file.

SLE 15 only

Reference:
http://seclists.org/bugtraq/2018/Jul/58
https://bugzilla.redhat.com/show_bug.cgi?id=1610151
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5815
Comment 1 Petr Gajdos 2018-08-01 11:30:53 UTC
Assume this is the fix:
https://github.com/LibRaw/LibRaw/commit/4554e24ce24beaef5d0ef48372801cfd91039076
Comment 2 Petr Gajdos 2018-08-01 12:23:52 UTC
Will submit for: 15/libraw and 42.3/libraw.
Comment 3 Petr Gajdos 2018-08-01 13:16:10 UTC
I believe all fixed.
Comment 5 Swamp Workflow Management 2018-08-01 13:50:12 UTC
This is an autogenerated message for OBS integration:
This bug (1103206) was mentioned in
https://build.opensuse.org/request/show/626901 42.3 / libraw
Comment 6 Swamp Workflow Management 2018-08-10 01:09:46 UTC
openSUSE-SU-2018:2286-1: An update that fixes 6 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1103200,1103206,1103353,1103359,1103360,1103361
CVE References: CVE-2018-5807,CVE-2018-5810,CVE-2018-5811,CVE-2018-5812,CVE-2018-5813,CVE-2018-5815
Sources used:
openSUSE Leap 42.3 (src):    libraw-0.17.1-23.1
Comment 8 Swamp Workflow Management 2019-01-02 19:07:54 UTC
SUSE-SU-2019:0005-1: An update that fixes four vulnerabilities is now available.

Category: security (moderate)
Bug References: 1097975,1103200,1103206
CVE References: CVE-2018-5804,CVE-2018-5813,CVE-2018-5815,CVE-2018-5816
Sources used:
SUSE Linux Enterprise Workstation Extension 15 (src):    libraw-0.18.9-3.5.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src):    libraw-0.18.9-3.5.1
Comment 9 Swamp Workflow Management 2019-01-10 20:12:10 UTC
openSUSE-SU-2019:0008-1: An update that fixes four vulnerabilities is now available.

Category: security (moderate)
Bug References: 1097975,1103200,1103206
CVE References: CVE-2018-5804,CVE-2018-5813,CVE-2018-5815,CVE-2018-5816
Sources used:
openSUSE Leap 15.0 (src):    libraw-0.18.9-lp150.2.3.1
Comment 10 Marcus Meissner 2019-04-05 15:36:23 UTC
released
Comment 11 OBSbugzilla Bot 2021-09-27 16:40:11 UTC
This is an autogenerated message for OBS integration:
This bug (1103206) was mentioned in
https://build.opensuse.org/request/show/921823 Factory / libraw