Bug 1084690 - (CVE-2018-5801) VUL-1: CVE-2018-5801 libraw: NULL pointer dereference in LibRaw::unpack function src/libraw_cxx.cpp
(CVE-2018-5801)
VUL-1: CVE-2018-5801 libraw: NULL pointer dereference in LibRaw::unpack funct...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P4 - Low : Minor
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/201483/
CVSSv3:RedHat:CVE-2018-5801:3.3:(AV:L...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2018-03-09 13:26 UTC by Karol Babioch
Modified: 2022-05-19 19:22 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Karol Babioch 2018-03-09 13:26:44 UTC
rh#1553334

An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) can be exploited to trigger a NULL pointer dereference.

References:

https://packetstormsecurity.com/files/146172/secunia-libraw.txt

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1553334
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5801
Comment 1 Petr Gajdos 2018-03-10 14:07:21 UTC
No testcase found.
Comment 2 Petr Gajdos 2018-03-12 11:00:18 UTC
This seems to be SA#79000, or so it is referenced in git commit change log at least. Upstream fixes this SA as a whole, I will fix it so as well.

https://github.com/LibRaw/LibRaw/commit/4cb60a6c8f1ec54e51e805d94213f4d49d6118f6

I will exclude dcraw.c, see bug 1060163 comment 6.

I will also include fix for SA#81000.

Affected: 42.3/libraw, 12/libraw
Comment 3 Petr Gajdos 2018-03-12 11:01:04 UTC
Packages submitted, I believe all fixed.
Comment 5 Swamp Workflow Management 2018-03-12 11:40:14 UTC
This is an autogenerated message for OBS integration:
This bug (1084690) was mentioned in
https://build.opensuse.org/request/show/585853 42.3 / libraw
Comment 6 Swamp Workflow Management 2018-03-18 14:07:14 UTC
openSUSE-SU-2018:0731-1: An update that fixes three vulnerabilities is now available.

Category: security (moderate)
Bug References: 1084688,1084690,1084691
CVE References: CVE-2018-5800,CVE-2018-5801,CVE-2018-5802
Sources used:
openSUSE Leap 42.3 (src):    libraw-0.17.1-17.1
Comment 8 Swamp Workflow Management 2018-10-23 19:14:18 UTC
SUSE-SU-2018:3343-1: An update that fixes 5 vulnerabilities is now available.

Category: security (low)
Bug References: 1084688,1084690,1084691,1103200,1103353
CVE References: CVE-2018-5800,CVE-2018-5801,CVE-2018-5802,CVE-2018-5810,CVE-2018-5813
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP3 (src):    libraw-0.15.4-21.1
SUSE Linux Enterprise Software Development Kit 12-SP3 (src):    libraw-0.15.4-21.1
SUSE Linux Enterprise Desktop 12-SP3 (src):    libraw-0.15.4-21.1
Comment 9 Marcus Meissner 2019-04-05 15:35:33 UTC
released
Comment 12 Swamp Workflow Management 2022-04-20 10:29:16 UTC
SUSE-SU-2022:1277-1: An update that fixes 11 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1056170,1063798,1084690,1097973,1097974,1117436,1117512,1117517,1117622,1117896,1189642
CVE References: CVE-2017-13735,CVE-2017-14608,CVE-2018-19565,CVE-2018-19566,CVE-2018-19567,CVE-2018-19568,CVE-2018-19655,CVE-2018-5801,CVE-2018-5805,CVE-2018-5806,CVE-2021-3624
JIRA References: 
Sources used:
openSUSE Leap 15.4 (src):    dcraw-9.28.0-150000.3.3.1
openSUSE Leap 15.3 (src):    dcraw-9.28.0-150000.3.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 13 Swamp Workflow Management 2022-05-19 19:22:40 UTC
SUSE-SU-2022:1749-1: An update that fixes 11 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1056170,1063798,1084690,1097973,1097974,1117436,1117512,1117517,1117622,1117896,1189642
CVE References: CVE-2017-13735,CVE-2017-14608,CVE-2018-19565,CVE-2018-19566,CVE-2018-19567,CVE-2018-19568,CVE-2018-19655,CVE-2018-5801,CVE-2018-5805,CVE-2018-5806,CVE-2021-3624
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP5 (src):    dcraw-9.28.0-3.3.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    dcraw-9.28.0-3.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.