oss-sec mailing list archives

Re: [oCERT-2015-006] dcraw input sanitization errors

From: cve-assign () mitre org
Date: Tue, 12 May 2015 14:33:55 -0400 (EDT)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

an integer overflow condition which lead to a buffer overflow. The
vulnerability concerns the 'len' variable, parsed without validation from
opened images, used in the ljpeg_start() function.

https://github.com/LibRaw/LibRaw/commit/4606c28f494a750892c5c1ac7903e62dd1c6fdb5
https://github.com/rawstudio/rawstudio/commit/983bda1f0fa5fa86884381208274198a620f006e
http://www.ocert.org/advisories/ocert-2015-006.html


Use CVE-2015-3885.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJVUkc+AAoJEKllVAevmvmsyYwH/13dB8lcpUnYyyuswusPp7XA
mrfbvB2SO7vuDDSrf3ppdtiFtlzsOtbhDoBE7b4AHz3w+cbp8fBOED543gVTBRni
oGTwMb4enGL3a7l/nTytWqqerlyY5gK7EUq2nHEGE/RbZgeTOsGV0Qp90mIChwTz
g19zhl3lKK6JCbxI5jhMqiU32KACInFvmJ0+ueN5Pbr7noTC71xIj6ZXpiIOWHEH
5m/O4qti0iOwDvtqiapoUABwkPAwj81kWwdeIsE8gu0+Qjd29VZorpi/yP9sMqLQ
BMFcRgDTzV+e3an/l0BOo+myuc9wRyw80ZzbfofF3GDxO4t2ZZLsZfYm+XoHZUI=
=+nnf
-----END PGP SIGNATURE-----

Current thread:

[oCERT-2015-006] dcraw input sanitization errors Andrea Barisani (May 11)
- Re: [oCERT-2015-006] dcraw input sanitization errors cve-assign (May 12)
- Re: [oCERT-2015-006] dcraw input sanitization errors Stefan Cornelius (May 19)