Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2017-16910
Analyzed
More InfoOfficial Page
Source-PSIRT-CNA@flexerasoftware.com
View Known Exploited Vulnerability (KEV) details
Published At-07 Dec, 2018 | 22:29
Updated At-28 Dec, 2018 | 21:56

An error within the "LibRaw::xtrans_interpolate()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited to cause an invalid read memory access and subsequently a Denial of Service condition.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.06.5MEDIUM
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Primary2.04.3MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
CPE Matches
libraw
libraw
>>libraw>>Versions before 0.18.6(exclusive)
cpe:2.3:a:libraw:libraw:*:*:*:*:*:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>14.04
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>16.04
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>17.10
cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-125Primarynvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/LibRaw/LibRaw/blob/master/Changelog.txtPSIRT-CNA@flexerasoftware.com
Release Notes
https://github.com/LibRaw/LibRaw/commit/5563e6ddc3f7cb93d98b491194ceebdee7288d36PSIRT-CNA@flexerasoftware.com
Patch
https://secuniaresearch.flexerasoftware.com/advisories/76000/PSIRT-CNA@flexerasoftware.com
Third Party Advisory
https://secuniaresearch.flexerasoftware.com/secunia_research/2017-19/PSIRT-CNA@flexerasoftware.com
Third Party Advisory
https://usn.ubuntu.com/3615-1/PSIRT-CNA@flexerasoftware.com
Third Party Advisory
Change History
0Changes found
Details not found