{"id":"CVE-2018-5800","details":"An off-by-one error within the \"LibRaw::kodak_ycbcr_load_raw()\" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.7 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash.","modified":"2026-04-11T08:05:18.275828Z","published":"2018-12-07T22:29:00.443Z","related":["SUSE-SU-2018:3343-1"],"references":[{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00036.html"},{"type":"ADVISORY","url":"https://secuniaresearch.flexerasoftware.com/advisories/79000/"},{"type":"ADVISORY","url":"https://secuniaresearch.flexerasoftware.com/secunia_research/2018-1/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3615-1/"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/104663"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:3065"},{"type":"ADVISORY","url":"https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt"},{"type":"FIX","url":"https://github.com/LibRaw/LibRaw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/libraw/libraw","events":[{"introduced":"0"},{"fixed":"8682ad204392b914ab1cc6ebcca9c27c19c1a4b4"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"0.18.7"}]}}],"versions":["0.12.0","0.13.0","0.13.1","0.13.2","0.13.3","0.13.4","0.13.5","0.13.6","0.14.0","0.14.1","0.14.2","0.14.3","0.14.4","0.14.5","0.14.6","0.15.0","0.16.0","0.17.0","0.18.0","0.18.1","0.18.2","0.18.3","0.18.4","0.18.5","0.18.6"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"14.04"}]},{"events":[{"introduced":"0"},{"last_affected":"16.04"}]},{"events":[{"introduced":"0"},{"last_affected":"17.10"}]},{"events":[{"introduced":"0"},{"last_affected":"8.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-5800.json","vanir_signatures":[{"digest":{"length":5488,"function_hash":"161483585446594267200935247022503028262"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4","signature_version":"v1","deprecated":false,"signature_type":"Function","id":"CVE-2018-5800-016e6f33","target":{"function":"LibRaw::unpack","file":"src/libraw_cxx.cpp"}},{"digest":{"length":243,"function_hash":"160494918233589209001810960379427370094"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4","signature_version":"v1","deprecated":false,"signature_type":"Function","id":"CVE-2018-5800-09a4c581","target":{"function":"kodak_thumb_load_raw","file":"internal/dcraw_common.cpp"}},{"digest":{"length":243,"function_hash":"160494918233589209001810960379427370094"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4","signature_version":"v1","deprecated":false,"signature_type":"Function","id":"CVE-2018-5800-0e32219a","target":{"function":"kodak_thumb_load_raw","file":"dcraw/dcraw.c"}},{"digest":{"threshold":0.9,"line_hashes":["124352597106125194591251597623813245087","205284995094097582530856370968424278719","22988309875342170224409563331183752929","152524982112894191157422634430165024569","134314041729803709068108821152848661040","56826994616165192090472973610448379347","9335849157892235498825732050239788851","13895658195792164903745073899324943651","24466760082234887380727357519372869531","7426613730176305859336298852780303120","271838145860153652684670112833131013177","210342598399517506555949216805269868272","203918500306293612318249725421719062350","265278866704382827202670825729318647996","78951212272183871313650740983746536437","72040137193199700986915357609299583190","37207052900821485193484520787432001846","298406861113080713784553777104916175824","136969156965128291443653095736113578484","235407591583852246927127605934439653139","30196958699258018537772565469074963074","105579096636456265405734532937431786796","214014673505471298928868781745504967101","70545129739348577869896186898755704651","136425149642808564512258529105280230462","91400670279961731544970769829038102440","53067433816204783646723949955514109327","26187831458945772625088063865499582524","86590266928334755423253981495614712362","336103892140386112942258816375107482313","247961867312073565171760312702418044760","150240696824577948971417154241146358422","275284776873653422909872411440016382812","302841285493743931431551974456587418965","220916476889783483661247240454011667784","328767936967423010356050288127137669594"]},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4","signature_version":"v1","deprecated":false,"signature_type":"Line","id":"CVE-2018-5800-11aa2fe3","target":{"file":"internal/dcraw_common.cpp"}},{"digest":{"threshold":0.9,"line_hashes":["124352597106125194591251597623813245087","205284995094097582530856370968424278719","22988309875342170224409563331183752929","152524982112894191157422634430165024569","134314041729803709068108821152848661040","56826994616165192090472973610448379347","9335849157892235498825732050239788851","13895658195792164903745073899324943651","24466760082234887380727357519372869531","7426613730176305859336298852780303120","271838145860153652684670112833131013177","210342598399517506555949216805269868272","203918500306293612318249725421719062350","265278866704382827202670825729318647996","78951212272183871313650740983746536437","72040137193199700986915357609299583190","37207052900821485193484520787432001846","298406861113080713784553777104916175824","136969156965128291443653095736113578484","235407591583852246927127605934439653139","30196958699258018537772565469074963074","105579096636456265405734532937431786796","214014673505471298928868781745504967101","70545129739348577869896186898755704651","136425149642808564512258529105280230462","91400670279961731544970769829038102440","53067433816204783646723949955514109327","26187831458945772625088063865499582524","86590266928334755423253981495614712362","336103892140386112942258816375107482313","247961867312073565171760312702418044760","150240696824577948971417154241146358422","275284776873653422909872411440016382812","302841285493743931431551974456587418965","220916476889783483661247240454011667784","328767936967423010356050288127137669594","176396876015451459354376681188751172409","318702961172474298222340958907578471478","184431407562271806030802193190809065591","98958406534496180594480157156599910465","309056222066399524872352719555832460388","120241558432838573609845346608985953322","100850317300044172871758774077954143283","183165565249248235104004237473157430537"]},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4","signature_version":"v1","deprecated":false,"signature_type":"Line","id":"CVE-2018-5800-141c8de0","target":{"file":"dcraw/dcraw.c"}},{"digest":{"length":926,"function_hash":"258053693770198014831738181204152304597"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4","signature_version":"v1","deprecated":false,"signature_type":"Function","id":"CVE-2018-5800-1f261753","target":{"function":"kodak_c603_load_raw","file":"dcraw/dcraw.c"}},{"digest":{"length":687,"function_hash":"15525495523015937544790174210825329364"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4","signature_version":"v1","deprecated":false,"signature_type":"Function","id":"CVE-2018-5800-3874ecfa","target":{"function":"kodak_rgb_load_raw","file":"dcraw/dcraw.c"}},{"digest":{"length":971,"function_hash":"214421281184207399848919388196393537141"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4","signature_version":"v1","deprecated":false,"signature_type":"Function","id":"CVE-2018-5800-45d5e015","target":{"function":"kodak_c330_load_raw","file":"internal/dcraw_common.cpp"}},{"digest":{"length":4331,"function_hash":"258645329150201233248176608017425116591"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4","signature_version":"v1","deprecated":false,"signature_type":"Function","id":"CVE-2018-5800-4b21475b","target":{"function":"kodak_radc_load_raw","file":"internal/dcraw_common.cpp"}},{"digest":{"length":984,"function_hash":"163787082309327837638368078428263567791"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4","signature_version":"v1","deprecated":false,"signature_type":"Function","id":"CVE-2018-5800-5ba1248b","target":{"function":"kodak_ycbcr_load_raw","file":"internal/dcraw_common.cpp"}},{"digest":{"length":766,"function_hash":"2862206903275483430271369263106098319"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4","signature_version":"v1","deprecated":false,"signature_type":"Function","id":"CVE-2018-5800-6e646bbe","target":{"function":"foveon_dp_load_raw","file":"dcraw/dcraw.c"}},{"digest":{"length":971,"function_hash":"214421281184207399848919388196393537141"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4","signature_version":"v1","deprecated":false,"signature_type":"Function","id":"CVE-2018-5800-6f8245f7","target":{"function":"kodak_c330_load_raw","file":"dcraw/dcraw.c"}},{"digest":{"length":687,"function_hash":"15525495523015937544790174210825329364"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4","signature_version":"v1","deprecated":false,"signature_type":"Function","id":"CVE-2018-5800-77b95003","target":{"function":"kodak_rgb_load_raw","file":"internal/dcraw_common.cpp"}},{"digest":{"length":784,"function_hash":"107028413891214520022767389805362151335"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4","signature_version":"v1","deprecated":false,"signature_type":"Function","id":"CVE-2018-5800-7d1986c0","target":{"function":"nikon_yuv_load_raw","file":"dcraw/dcraw.c"}},{"digest":{"length":1074,"function_hash":"3973563765850600755684746521009306221"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4","signature_version":"v1","deprecated":false,"signature_type":"Function","id":"CVE-2018-5800-a5bd9383","target":{"function":"sinar_4shot_load_raw","file":"internal/dcraw_common.cpp"}},{"digest":{"length":926,"function_hash":"258053693770198014831738181204152304597"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4","signature_version":"v1","deprecated":false,"signature_type":"Function","id":"CVE-2018-5800-b01b8886","target":{"function":"kodak_c603_load_raw","file":"internal/dcraw_common.cpp"}},{"digest":{"length":2297,"function_hash":"202245538503356998516944743852207703228"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4","signature_version":"v1","deprecated":false,"signature_type":"Function","id":"CVE-2018-5800-b7a85c51","target":{"function":"lossy_dng_load_raw","file":"internal/dcraw_common.cpp"}},{"digest":{"length":960,"function_hash":"144737991149904957369473714665081941139"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4","signature_version":"v1","deprecated":false,"signature_type":"Function","id":"CVE-2018-5800-c3fa48de","target":{"function":"foveon_sd_load_raw","file":"dcraw/dcraw.c"}},{"digest":{"threshold":0.9,"line_hashes":["252836511816281551337412742381892112552","97817573362742954812293633274999613411","43483054351564291780598603455924190391","339636120942977234911671384945116044918"]},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4","signature_version":"v1","deprecated":false,"signature_type":"Line","id":"CVE-2018-5800-c8f1654b","target":{"file":"src/libraw_cxx.cpp"}},{"digest":{"length":784,"function_hash":"107028413891214520022767389805362151335"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4","signature_version":"v1","deprecated":false,"signature_type":"Function","id":"CVE-2018-5800-c9900705","target":{"function":"nikon_yuv_load_raw","file":"internal/dcraw_common.cpp"}},{"digest":{"length":984,"function_hash":"163787082309327837638368078428263567791"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4","signature_version":"v1","deprecated":false,"signature_type":"Function","id":"CVE-2018-5800-db936243","target":{"function":"kodak_ycbcr_load_raw","file":"dcraw/dcraw.c"}},{"digest":{"length":2297,"function_hash":"202245538503356998516944743852207703228"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4","signature_version":"v1","deprecated":false,"signature_type":"Function","id":"CVE-2018-5800-e2c0a69f","target":{"function":"lossy_dng_load_raw","file":"dcraw/dcraw.c"}},{"digest":{"length":4331,"function_hash":"258645329150201233248176608017425116591"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4","signature_version":"v1","deprecated":false,"signature_type":"Function","id":"CVE-2018-5800-e7137ad9","target":{"function":"kodak_radc_load_raw","file":"dcraw/dcraw.c"}},{"digest":{"length":1074,"function_hash":"3973563765850600755684746521009306221"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4","signature_version":"v1","deprecated":false,"signature_type":"Function","id":"CVE-2018-5800-ec879400","target":{"function":"sinar_4shot_load_raw","file":"dcraw/dcraw.c"}}],"vanir_signatures_modified":"2026-04-11T08:05:18Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}]}