发布时间: 2023年5月19日
修改时间: 2024年10月31日
A flaw was found in LibRaw. A heap-buffer-overflow in raw2image_ex() caused by a maliciously crafted file may lead to an application crash.
NVD | openEuler | |
---|---|---|
Confidentiality | None | None |
Attack Vector | Network | Local |
CVSS评分 | 6.5 | 3.3 |
Attack Complexity | Low | Low |
Privileges Required | None | None |
Scope | Unchanged | Unchanged |
Integrity | None | None |
User Interaction | Required | Required |
Availability | High | Low |
公告名 | 概要 | 发布时间 |
---|---|---|
KylinSec-SA-2023-1376 | LibRaw security update | 2023年5月19日 |
产品 | 包 | 状态 |
---|---|---|
KY3.4-4A | LibRaw | Fixed |
KY3.4-5 | LibRaw | Fixed |
KY3.5.1 | LibRaw | Fixed |
KY3.5.2 | LibRaw | Fixed |