{"id":"CVE-2018-5800","details":"An off-by-one error within the \"LibRaw::kodak_ycbcr_load_raw()\" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.7 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash.","modified":"2026-07-08T16:41:00.873065Z","published":"2018-12-07T22:29:00.443Z","related":["SUSE-SU-2018:3343-1"],"database_specific":{"unresolved_ranges":[{"cpes":["cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*"],"source":"CPE_STRING","vendor_product":"canonical:ubuntu_linux","extracted_events":[{"introduced":"14.04"},{"last_affected":"14.04"},{"introduced":"16.04"},{"last_affected":"16.04"},{"introduced":"17.10"},{"last_affected":"17.10"}]},{"cpes":["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"],"source":"CPE_STRING","vendor_product":"debian:debian_linux","extracted_events":[{"introduced":"8.0"},{"last_affected":"8.0"}]},{"cpes":["cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"],"source":"CPE_STRING","vendor_product":"redhat:enterprise_linux_desktop","extracted_events":[{"introduced":"7.0"},{"last_affected":"7.0"}]},{"cpes":["cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"],"source":"CPE_STRING","vendor_product":"redhat:enterprise_linux_server","extracted_events":[{"introduced":"7.0"},{"last_affected":"7.0"}]},{"cpes":["cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"],"source":"CPE_STRING","vendor_product":"redhat:enterprise_linux_workstation","extracted_events":[{"introduced":"7.0"},{"last_affected":"7.0"}]}]},"references":[{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/104663"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:3065"},{"type":"ADVISORY","url":"https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00036.html"},{"type":"ADVISORY","url":"https://secuniaresearch.flexerasoftware.com/advisories/79000/"},{"type":"ADVISORY","url":"https://secuniaresearch.flexerasoftware.com/secunia_research/2018-1/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3615-1/"},{"type":"FIX","url":"https://github.com/LibRaw/LibRaw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/libraw/libraw","events":[{"introduced":"0"},{"fixed":"8682ad204392b914ab1cc6ebcca9c27c19c1a4b4"}],"database_specific":{"cpe":"cpe:2.3:a:libraw:libraw:*:*:*:*:*:*:*:*","source":["CPE_RANGE","REFERENCES"],"extracted_events":[{"introduced":"0"},{"fixed":"0.18.7"}]}}],"versions":["0.18.6","0.18.5","0.18.4","0.18.3","0.18.2","0.18.1","0.18.0","0.17.0","0.16.0","0.15.0","0.14.6","0.14.5","0.14.4","0.14.3","0.14.2","0.14.1","0.14.0","0.13.6","0.13.5","0.13.4","0.13.3","0.13.2","0.13.1","0.13.0","0.12.0"],"database_specific":{"vanir_signatures":[{"signature_type":"Function","digest":{"length":5488,"function_hash":"161483585446594267200935247022503028262"},"deprecated":false,"signature_version":"v1","id":"CVE-2018-5800-016e6f33","target":{"file":"src/libraw_cxx.cpp","function":"LibRaw::unpack"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4"},{"signature_type":"Function","digest":{"length":243,"function_hash":"160494918233589209001810960379427370094"},"deprecated":false,"signature_version":"v1","id":"CVE-2018-5800-09a4c581","target":{"file":"internal/dcraw_common.cpp","function":"kodak_thumb_load_raw"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4"},{"signature_type":"Function","digest":{"length":243,"function_hash":"160494918233589209001810960379427370094"},"deprecated":false,"signature_version":"v1","id":"CVE-2018-5800-0e32219a","target":{"file":"dcraw/dcraw.c","function":"kodak_thumb_load_raw"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4"},{"signature_type":"Line","digest":{"line_hashes":["124352597106125194591251597623813245087","205284995094097582530856370968424278719","22988309875342170224409563331183752929","152524982112894191157422634430165024569","134314041729803709068108821152848661040","56826994616165192090472973610448379347","9335849157892235498825732050239788851","13895658195792164903745073899324943651","24466760082234887380727357519372869531","7426613730176305859336298852780303120","271838145860153652684670112833131013177","210342598399517506555949216805269868272","203918500306293612318249725421719062350","265278866704382827202670825729318647996","78951212272183871313650740983746536437","72040137193199700986915357609299583190","37207052900821485193484520787432001846","298406861113080713784553777104916175824","136969156965128291443653095736113578484","235407591583852246927127605934439653139","30196958699258018537772565469074963074","105579096636456265405734532937431786796","214014673505471298928868781745504967101","70545129739348577869896186898755704651","136425149642808564512258529105280230462","91400670279961731544970769829038102440","53067433816204783646723949955514109327","26187831458945772625088063865499582524","86590266928334755423253981495614712362","336103892140386112942258816375107482313","247961867312073565171760312702418044760","150240696824577948971417154241146358422","275284776873653422909872411440016382812","302841285493743931431551974456587418965","220916476889783483661247240454011667784","328767936967423010356050288127137669594"],"threshold":0.9},"deprecated":false,"signature_version":"v1","id":"CVE-2018-5800-11aa2fe3","target":{"file":"internal/dcraw_common.cpp"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4"},{"signature_type":"Line","digest":{"line_hashes":["124352597106125194591251597623813245087","205284995094097582530856370968424278719","22988309875342170224409563331183752929","152524982112894191157422634430165024569","134314041729803709068108821152848661040","56826994616165192090472973610448379347","9335849157892235498825732050239788851","13895658195792164903745073899324943651","24466760082234887380727357519372869531","7426613730176305859336298852780303120","271838145860153652684670112833131013177","210342598399517506555949216805269868272","203918500306293612318249725421719062350","265278866704382827202670825729318647996","78951212272183871313650740983746536437","72040137193199700986915357609299583190","37207052900821485193484520787432001846","298406861113080713784553777104916175824","136969156965128291443653095736113578484","235407591583852246927127605934439653139","30196958699258018537772565469074963074","105579096636456265405734532937431786796","214014673505471298928868781745504967101","70545129739348577869896186898755704651","136425149642808564512258529105280230462","91400670279961731544970769829038102440","53067433816204783646723949955514109327","26187831458945772625088063865499582524","86590266928334755423253981495614712362","336103892140386112942258816375107482313","247961867312073565171760312702418044760","150240696824577948971417154241146358422","275284776873653422909872411440016382812","302841285493743931431551974456587418965","220916476889783483661247240454011667784","328767936967423010356050288127137669594","176396876015451459354376681188751172409","318702961172474298222340958907578471478","184431407562271806030802193190809065591","98958406534496180594480157156599910465","309056222066399524872352719555832460388","120241558432838573609845346608985953322","100850317300044172871758774077954143283","183165565249248235104004237473157430537"],"threshold":0.9},"deprecated":false,"signature_version":"v1","id":"CVE-2018-5800-141c8de0","target":{"file":"dcraw/dcraw.c"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4"},{"signature_type":"Function","digest":{"length":926,"function_hash":"258053693770198014831738181204152304597"},"deprecated":false,"signature_version":"v1","id":"CVE-2018-5800-1f261753","target":{"file":"dcraw/dcraw.c","function":"kodak_c603_load_raw"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4"},{"signature_type":"Function","digest":{"length":687,"function_hash":"15525495523015937544790174210825329364"},"deprecated":false,"signature_version":"v1","id":"CVE-2018-5800-3874ecfa","target":{"file":"dcraw/dcraw.c","function":"kodak_rgb_load_raw"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4"},{"signature_type":"Function","digest":{"length":971,"function_hash":"214421281184207399848919388196393537141"},"deprecated":false,"signature_version":"v1","id":"CVE-2018-5800-45d5e015","target":{"file":"internal/dcraw_common.cpp","function":"kodak_c330_load_raw"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4"},{"signature_type":"Function","digest":{"length":4331,"function_hash":"258645329150201233248176608017425116591"},"deprecated":false,"signature_version":"v1","id":"CVE-2018-5800-4b21475b","target":{"file":"internal/dcraw_common.cpp","function":"kodak_radc_load_raw"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4"},{"signature_type":"Function","digest":{"length":984,"function_hash":"163787082309327837638368078428263567791"},"deprecated":false,"signature_version":"v1","id":"CVE-2018-5800-5ba1248b","target":{"file":"internal/dcraw_common.cpp","function":"kodak_ycbcr_load_raw"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4"},{"signature_type":"Function","digest":{"length":766,"function_hash":"2862206903275483430271369263106098319"},"deprecated":false,"signature_version":"v1","id":"CVE-2018-5800-6e646bbe","target":{"file":"dcraw/dcraw.c","function":"foveon_dp_load_raw"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4"},{"signature_type":"Function","digest":{"length":971,"function_hash":"214421281184207399848919388196393537141"},"deprecated":false,"signature_version":"v1","id":"CVE-2018-5800-6f8245f7","target":{"file":"dcraw/dcraw.c","function":"kodak_c330_load_raw"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4"},{"signature_type":"Function","digest":{"length":687,"function_hash":"15525495523015937544790174210825329364"},"deprecated":false,"signature_version":"v1","id":"CVE-2018-5800-77b95003","target":{"file":"internal/dcraw_common.cpp","function":"kodak_rgb_load_raw"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4"},{"signature_type":"Function","digest":{"length":784,"function_hash":"107028413891214520022767389805362151335"},"deprecated":false,"signature_version":"v1","id":"CVE-2018-5800-7d1986c0","target":{"file":"dcraw/dcraw.c","function":"nikon_yuv_load_raw"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4"},{"signature_type":"Function","digest":{"length":1074,"function_hash":"3973563765850600755684746521009306221"},"deprecated":false,"signature_version":"v1","id":"CVE-2018-5800-a5bd9383","target":{"file":"internal/dcraw_common.cpp","function":"sinar_4shot_load_raw"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4"},{"signature_type":"Function","digest":{"length":926,"function_hash":"258053693770198014831738181204152304597"},"deprecated":false,"signature_version":"v1","id":"CVE-2018-5800-b01b8886","target":{"file":"internal/dcraw_common.cpp","function":"kodak_c603_load_raw"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4"},{"signature_type":"Function","digest":{"length":2297,"function_hash":"202245538503356998516944743852207703228"},"deprecated":false,"signature_version":"v1","id":"CVE-2018-5800-b7a85c51","target":{"file":"internal/dcraw_common.cpp","function":"lossy_dng_load_raw"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4"},{"signature_type":"Function","digest":{"length":960,"function_hash":"144737991149904957369473714665081941139"},"deprecated":false,"signature_version":"v1","id":"CVE-2018-5800-c3fa48de","target":{"file":"dcraw/dcraw.c","function":"foveon_sd_load_raw"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4"},{"signature_type":"Line","digest":{"line_hashes":["252836511816281551337412742381892112552","97817573362742954812293633274999613411","43483054351564291780598603455924190391","339636120942977234911671384945116044918"],"threshold":0.9},"deprecated":false,"signature_version":"v1","id":"CVE-2018-5800-c8f1654b","target":{"file":"src/libraw_cxx.cpp"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4"},{"signature_type":"Function","digest":{"length":784,"function_hash":"107028413891214520022767389805362151335"},"deprecated":false,"signature_version":"v1","id":"CVE-2018-5800-c9900705","target":{"file":"internal/dcraw_common.cpp","function":"nikon_yuv_load_raw"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4"},{"signature_type":"Function","digest":{"length":984,"function_hash":"163787082309327837638368078428263567791"},"deprecated":false,"signature_version":"v1","id":"CVE-2018-5800-db936243","target":{"file":"dcraw/dcraw.c","function":"kodak_ycbcr_load_raw"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4"},{"signature_type":"Function","digest":{"length":2297,"function_hash":"202245538503356998516944743852207703228"},"deprecated":false,"signature_version":"v1","id":"CVE-2018-5800-e2c0a69f","target":{"file":"dcraw/dcraw.c","function":"lossy_dng_load_raw"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4"},{"signature_type":"Function","digest":{"length":4331,"function_hash":"258645329150201233248176608017425116591"},"deprecated":false,"signature_version":"v1","id":"CVE-2018-5800-e7137ad9","target":{"file":"dcraw/dcraw.c","function":"kodak_radc_load_raw"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4"},{"signature_type":"Function","digest":{"length":1074,"function_hash":"3973563765850600755684746521009306221"},"deprecated":false,"signature_version":"v1","id":"CVE-2018-5800-ec879400","target":{"file":"dcraw/dcraw.c","function":"sinar_4shot_load_raw"},"source":"https://github.com/libraw/libraw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4"}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-5800.json","vanir_signatures_modified":"2026-07-08T16:41:00Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}]}