suse · CVE-2018-5810

Quick triage

Priority: medium Published: 2021-05-30 14:09:47 UTC Updated: 2023-12-09 00:53:29 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2018-5810 severity moderate: SUSE including 6 source package names (libraw, libraw-devel, libraw-devel-0.15.4-21.1, libraw-devel-static-0.15.4-21.1, libraw16, libraw9-0.15.4-21.1), 17 product×package rows across 9 product lines (SUSE Linux Enterprise Desktop 12 SP3, SUSE Linux Enterprise Desktop 12 SP4, … (9 product lines)): Fixed 14, Known Not Affected 3.

Description:

An error within the "rollei_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash.

cvelogic Threat Intelligence