Vulnetix
Try Vulnetix Request Demo
CVE-2017-16909 PUBLISHED

An error related to the "LibRaw::panasonic_load_raw()" function (dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash via a specially crafted TIFF image.

EPSS 0.57% · 68.5th percentile

Risk Scores

EPSS Score
0.57%
68.5th percentile

Affected Products

VendorProductVersions
Ubuntu:25.10rawtherapee5.11-2build2, 0
Ubuntu:24.04:LTSrawtherapee5.10-1build3, 5.10-1build4, 5.9-2
Ubuntu:16.04:LTSlibraw0.17.1-1ubuntu0.1, 0.17.0-1, 0.16.2-1
Ubuntu:18.04:LTSkodi2:17.6+dfsg1-1ubuntu1, 2:17.6+dfsg1-1build1, 2:17.6+dfsg1-1
Ubuntu:24.04:LTSexactimage0, 1.0.2-11build9, 1.0.2-11build8
Ubuntu:18.04:LTSdarktable2.2.5-2, 2.4.1-1, 2.4.2-1
Ubuntu:16.04:LTSdarktable2.0.1-1, 2.0.0-1, 1.6.9-1
Ubuntu:25.10kodi0, 2:21.2+dfsg-4build2, 2:21.2+dfsg-4build1
Ubuntu:16.04:LTSufraw0, 0.20-3build1
Ubuntu:20.04:LTSkodi2:17.6+dfsg1-4ubuntu10, 2:18.6+dfsg1-2ubuntu1, 2:18.5+dfsg1-0ubuntu3
Ubuntu:24.04:LTSdcraw9.28-3.1ubuntu1, 9.28-5ubuntu1, 0
Ubuntu:20.04:LTSrawtherapee0, 5.7-1, 5.8-1
Ubuntu:16.04:LTSdcraw0, 9.21-0.2
Ubuntu:25.10darktable5.0.1-1, 5.0.1-0ubuntu2, 5.0.1-0ubuntu1
Ubuntu:16.04:LTSrawtherapee0, 4.2-2build1, 4.2-4
Ubuntu:18.04:LTSexactimage0, 0.9.2-1build1, 1.0.1-1
Ubuntu:18.04:LTSrawtherapee5.3-1, 5.2-1, 0
Ubuntu:16.04:LTSexactimage0.9.1-9, 0, 0.9.1-6build1
Ubuntu:20.04:LTSdcraw0, 9.28-2
Ubuntu:16.04:LTSkodi15.1+dfsg1-3, 15.2+dfsg1-1build1, 15.2+dfsg1-3ubuntu1.1

…and 14 more

Timeline

References

Open in Interactive Console →