CVE-2018-5806
LibRaw: NULL pointer dereference in leaf_hdr_load_raw() function in internal/dcraw_common.cpp
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
An error within the "leaf_hdr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a NULL pointer dereference.
Un error en la funciĆ³n "leaf_hdr_load_raw()" (internal/dcraw_common.cpp) en LibRaw, en versiones anteriores a la 0.18.8, puede explotarse para desencadenar una desreferencia de puntero NULL.
A NULL pointer dereference vulnerability in internal/dcraw_common.cpp:leaf_hdr_load_raw() function was found in LibRaw. A user can cause a denial of service when processing specially-crafted RAW data.
An update that fixes 11 vulnerabilities is now available. This update for dcraw fixes the following issues. Fixed a denial of service issue due to a floating point exception. Fixed an invalid memory access that could lead to information disclosure or denial of service. Fixed a buffer overflow that could lead to an application crash. Fixed an invalid memory access that could lead to denial of service. Fixed a buffer overflow that could lead to an application crash. Fixed an invalid memory access that could lead to denial of service. Fixed an invalid memory access that could lead to information disclosure or denial of service. Fixed an invalid memory access that could lead to information disclosure or denial of service. Fixed a denial of service issue due to a floating point exception. Fixed a denial of service issue due to a floating point exception. Fixed a buffer overflow that could lead to code execution or denial of service.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2018-01-19 CVE Reserved
- 2018-03-14 CVE Published
- 2024-08-05 CVE Updated
- 2025-05-21 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-476: NULL Pointer Dereference
CAPEC
References (7)
| URL | Tag | Source |
|---|---|---|
| https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt | Release Notes | |
| https://secuniaresearch.flexerasoftware.com/advisories/81000 | Third Party Advisory | |
| https://secuniaresearch.flexerasoftware.com/secunia_research/2018-3 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://github.com/LibRaw/LibRaw/commit/9f26ce37f5be86ea11bfc6831366558650b1f6ff | 2018-12-28 |
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2018:3065 | 2018-12-28 | |
| https://access.redhat.com/security/cve/CVE-2018-5806 | 2018-10-30 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1591897 | 2018-10-30 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Libraw Search vendor "Libraw" | Libraw Search vendor "Libraw" for product "Libraw" | < 0.18.8 Search vendor "Libraw" for product "Libraw" and version " < 0.18.8" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Desktop Search vendor "Redhat" for product "Enterprise Linux Desktop" | 7.0 Search vendor "Redhat" for product "Enterprise Linux Desktop" and version "7.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Server Search vendor "Redhat" for product "Enterprise Linux Server" | 7.0 Search vendor "Redhat" for product "Enterprise Linux Server" and version "7.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Workstation Search vendor "Redhat" for product "Enterprise Linux Workstation" | 7.0 Search vendor "Redhat" for product "Enterprise Linux Workstation" and version "7.0" | - |
Affected
| ||||||