Vulnetix
Try Vulnetix Request Demo
CVE-2017-6886 PUBLISHED

An error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to corrupt memory.

EPSS 0.58% · 68.7th percentile

Risk Scores

EPSS Score
0.58%
68.7th percentile

Affected Products

VendorProductVersions
Ubuntu:18.04:LTSrawtherapee0, 5.2-1, 5.3-1
Ubuntu:16.04:LTSdarktable1.6.9-1, 2.0.3-1, 2.0.1-1
Ubuntu:24.04:LTSexactimage1.0.2-11build4, 1.0.2-11build7, 1.0.2-11build8
Ubuntu:20.04:LTSdcraw9.28-2, 0
Ubuntu:20.04:LTSdarktable2.6.2-3, 3.0.1-0ubuntu1, 2.6.3-1build2
Ubuntu:24.04:LTSkodi2:20.2+dfsg-4ubuntu1, 2:20.5+dfsg-1build2, 2:20.4+dfsg-1
Ubuntu:20.04:LTSexactimage1.0.2-5ubuntu2, 1.0.2-7ubuntu1, 1.0.2-7ubuntu2
Ubuntu:22.04:LTSexactimage1.0.2-8build1, 0, 1.0.2-8build2
Ubuntu:25.10exactimage0, 1.2.1-2
Ubuntu:25.10darktable5.0.1-0ubuntu2, 0, 5.0.1-0ubuntu1
Ubuntu:25.10dcraw9.28-8, 0
Ubuntu:18.04:LTSdcraw0, 9.27-1ubuntu1
Ubuntu:16.04:LTSexactimage0.9.1-11, 0.9.1-10, 0.9.1-9build1
Ubuntu:20.04:LTSkodi2:18.5+dfsg1-0ubuntu3, 0, 2:17.6+dfsg1-4ubuntu4
Ubuntu:18.04:LTSdarktable2.4.0-1, 2.4.1-1, 2.4.2-1
Ubuntu:16.04:LTSdcraw9.21-0.2, 0
Ubuntu:22.04:LTSdcraw9.28-3, 9.28-2, 0
Ubuntu:25.10kodi2:21.2+dfsg-4, 2:21.2+dfsg-4build2, 2:21.2+dfsg-1build2
Ubuntu:16.04:LTSufraw0.20-3build1, 0
Ubuntu:22.04:LTSkodi2:19.3+dfsg1-1build4, 2:19.3+dfsg1-1build5, 2:19.4+dfsg1-2

…and 14 more

Timeline

References

Open in Interactive Console →