CVE-2018-5806 - OpenCVE

An error within the "leaf_hdr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a NULL pointer dereference.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:M/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Libraw	Libraw
Redhat	Enterprise Linux Enterprise Linux Desktop Enterprise Linux Server Enterprise Linux Workstation

Configuration 1 [-]

cpe:2.3:a:libraw:libraw:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 7
libkdcraw-0:4.10.5-5.el7	cpe:/o:redhat:enterprise_linux:7	RHSA-2018:3065	2018-10-30T00:00:00Z

References

Link	Providers
https://access.redhat.com/errata/RHSA-2018:3065
https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt
https://github.com/LibRaw/LibRaw/commit/9f26ce37f5be86ea11bfc6831366558650b1f6ff
https://nvd.nist.gov/vuln/detail/CVE-2018-5806
https://secuniaresearch.flexerasoftware.com/advisories/81000/
https://secuniaresearch.flexerasoftware.com/secunia_research/2018-3/
https://www.cve.org/CVERecord?id=CVE-2018-5806

History

No history.

MITRE

Status: PUBLISHED

Assigner: flexera

Published: 2018-12-07T22:00:00

Updated: 2024-08-05T05:47:54.588Z

Reserved: 2018-01-19T00:00:00

Link: CVE-2018-5806

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2018-12-07T22:29:00.880

Modified: 2018-12-28T21:29:51.607

Link: CVE-2018-5806

Redhat

Severity : Low

Publid Date: 2018-03-14T00:00:00Z

Links: CVE-2018-5806 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "LibRaw", "vendor": "n/a", "versions": [{"status": "affected", "version": "Prior to 0.18.8"}]}], "datePublic": "2018-12-07T00:00:00", "descriptions": [{"lang": "en", "value": "An error within the \"leaf_hdr_load_raw()\" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a NULL pointer dereference."}], "problemTypes": [{"descriptions": [{"description": "DoS (Denial of Service) through NULL pointer dereference", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-12-08T10:57:01", "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab", "shortName": "flexera"}, "references": [{"name": "81000", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "https://secuniaresearch.flexerasoftware.com/advisories/81000/"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt"}, {"name": "RHSA-2018:3065", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:3065"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/LibRaw/LibRaw/commit/9f26ce37f5be86ea11bfc6831366558650b1f6ff"}, {"tags": ["x_refsource_MISC"], "url": "https://secuniaresearch.flexerasoftware.com/secunia_research/2018-3/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "PSIRT-CNA@flexerasoftware.com", "ID": "CVE-2018-5806", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "LibRaw", "version": {"version_data": [{"version_value": "Prior to 0.18.8"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An error within the \"leaf_hdr_load_raw()\" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a NULL pointer dereference."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "DoS (Denial of Service) through NULL pointer dereference"}]}]}, "references": {"reference_data": [{"name": "81000", "refsource": "SECUNIA", "url": "https://secuniaresearch.flexerasoftware.com/advisories/81000/"}, {"name": "https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt", "refsource": "MISC", "url": "https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt"}, {"name": "RHSA-2018:3065", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:3065"}, {"name": "https://github.com/LibRaw/LibRaw/commit/9f26ce37f5be86ea11bfc6831366558650b1f6ff", "refsource": "MISC", "url": "https://github.com/LibRaw/LibRaw/commit/9f26ce37f5be86ea11bfc6831366558650b1f6ff"}, {"name": "https://secuniaresearch.flexerasoftware.com/secunia_research/2018-3/", "refsource": "MISC", "url": "https://secuniaresearch.flexerasoftware.com/secunia_research/2018-3/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T05:47:54.588Z"}, "title": "CVE Program Container", "references": [{"name": "81000", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "https://secuniaresearch.flexerasoftware.com/advisories/81000/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt"}, {"name": "RHSA-2018:3065", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:3065"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/LibRaw/LibRaw/commit/9f26ce37f5be86ea11bfc6831366558650b1f6ff"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://secuniaresearch.flexerasoftware.com/secunia_research/2018-3/"}]}]}, "cveMetadata": {"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab", "assignerShortName": "flexera", "cveId": "CVE-2018-5806", "datePublished": "2018-12-07T22:00:00", "dateReserved": "2018-01-19T00:00:00", "dateUpdated": "2024-08-05T05:47:54.588Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:libraw:libraw:*:*:*:*:*:*:*:*", "matchCriteriaId": "AD58177D-D7FB-4B22-8E44-ED04AC0679DE", "versionEndExcluding": "0.18.8", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An error within the \"leaf_hdr_load_raw()\" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a NULL pointer dereference."}, {"lang": "es", "value": "Un error en la funci\u00f3n \"leaf_hdr_load_raw()\" (internal/dcraw_common.cpp) en LibRaw, en versiones anteriores a la 0.18.8, puede explotarse para desencadenar una desreferencia de puntero NULL."}], "id": "CVE-2018-5806", "lastModified": "2018-12-28T21:29:51.607", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-12-07T22:29:00.880", "references": [{"source": "PSIRT-CNA@flexerasoftware.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:3065"}, {"source": "PSIRT-CNA@flexerasoftware.com", "tags": ["Release Notes"], "url": "https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt"}, {"source": "PSIRT-CNA@flexerasoftware.com", "tags": ["Patch"], "url": "https://github.com/LibRaw/LibRaw/commit/9f26ce37f5be86ea11bfc6831366558650b1f6ff"}, {"source": "PSIRT-CNA@flexerasoftware.com", "tags": ["Third Party Advisory"], "url": "https://secuniaresearch.flexerasoftware.com/advisories/81000/"}, {"source": "PSIRT-CNA@flexerasoftware.com", "tags": ["Third Party Advisory"], "url": "https://secuniaresearch.flexerasoftware.com/secunia_research/2018-3/"}], "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2018:3065", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "libkdcraw-0:4.10.5-5.el7", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2018-10-30T00:00:00Z"}], "bugzilla": {"description": "LibRaw: NULL pointer dereference in leaf_hdr_load_raw() function in internal/dcraw_common.cpp", "id": "1591897", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1591897"}, "csaw": false, "cvss3": {"cvss3_base_score": "3.3", "cvss3_scoring_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "status": "verified"}, "cwe": "CWE-476", "details": ["An error within the \"leaf_hdr_load_raw()\" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a NULL pointer dereference.", "A NULL pointer dereference vulnerability in internal/dcraw_common.cpp:leaf_hdr_load_raw() function was found in LibRaw. A user can cause a denial of service when processing specially-crafted RAW data."], "name": "CVE-2018-5806", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "dcraw", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "dcraw", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "dcraw", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "LibRaw", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "dcraw", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "LibRaw", "product_name": "Red Hat Enterprise Linux 8"}], "public_date": "2018-03-14T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2018-5806\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-5806"], "statement": "This issue did not affect the versions of dcraw as shipped with Red Hat Enterprise Linux 5 and 6 as they did not include the vulnerable code.\nThis issue did not affect the versions of LibRaw as shipped with Red Hat Enterprise Linux 7 as they did not include the vulnerable code.", "threat_severity": "Low", "upstream_fix": "LibRaw 0.18.8"}