CVE-2020-35532

In LibRaw, an out-of-bounds read vulnerability exists within the "simple_decode_row()" function (libraw\src\x3f\x3f_utils_patched.cpp) which can be triggered via an image with a large row_stride field.
References
Link Resource
https://github.com/LibRaw/LibRaw/commit/5ab45b085898e379fedc6b113e2e82a890602b1e Patch Third Party Advisory
https://github.com/LibRaw/LibRaw/issues/271 Exploit Issue Tracking Patch Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/09/msg00024.html Mailing List Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:libraw:libraw:0.20.1:*:*:*:*:*:*:*
cpe:2.3:a:libraw:libraw:0.21.0:beta1:*:*:*:*:*:*
cpe:2.3:a:libraw:libraw:0.20.2:*:*:*:*:*:*:*
cpe:2.3:a:libraw:libraw:0.20.0:rc2:*:*:*:*:*:*
cpe:2.3:a:libraw:libraw:0.20.0:-:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Information

Published : 2022-09-01 11:15

Updated : 2022-09-29 09:29


NVD link : CVE-2020-35532

Mitre link : CVE-2020-35532


JSON object : View

CWE
CWE-125

Out-of-bounds Read

Advertisement

dedicated server usa

Products Affected

debian

  • debian_linux

libraw

  • libraw