USN-8522-1: LibRaw vulnerabilities | Ubuntu security notices

USN-8493-1: Linux kernel vulnerabilities | Ubuntu security notices

It was discovered that LibRaw incorrectly handled certain Nikon RAW image
files. An attacker could possibly use this issue to cause LibRaw to crash,
resulting in a denial of service. (CVE-2026-5342)

It was discovered that LibRaw had an integer overflow in its DNG image
loader. An attacker could possibly use this issue to cause LibRaw to
crash, resulting in a denial of service, or execute arbitrary code.
(CVE-2026-20884)

It was discovered that LibRaw incorrectly handled certain X3F thumbnail
data. An attacker could possibly use this issue to cause LibRaw to crash,
resulting in a denial of service, or execute arbitrary code.
(CVE-2026-20889)

It was discovered that LibRaw had a heap-based buffer overflow in its
lossless JPEG image loader. An attacker could possibly use this issue to
cause LibRaw to crash,…

It was discovered that LibRaw incorrectly handled certain Nikon RAW image
files. An attacker could possibly use this issue to cause LibRaw to crash,
resulting in a denial of service. (CVE-2026-5342)

It was discovered that LibRaw had an integer overflow in its DNG image
loader. An attacker could possibly use this issue to cause LibRaw to
crash, resulting in a denial of service, or execute arbitrary code.
(CVE-2026-20884)

It was discovered that LibRaw incorrectly handled certain X3F thumbnail
data. An attacker could possibly use this issue to cause LibRaw to crash,
resulting in a denial of service, or execute arbitrary code.
(CVE-2026-20889)

It was discovered that LibRaw had a heap-based buffer overflow in its
lossless JPEG image loader. An attacker could possibly use this issue to
cause LibRaw to crash, resulting in a denial of service, or execute
arbitrary code. (CVE-2026-21413)

It was discovered that LibRaw had an integer overflow in its uncompressed
floating-point DNG image loader. An attacker could possibly use this issue
to cause LibRaw to crash, resulting in a denial of service, or execute
arbitrary code. This issue only affected Ubuntu 24.04 LTS and Ubuntu 25.04.
(CVE-2026-24450)

It was discovered that LibRaw had a heap-based buffer overflow in its X3F
Huffman decoder. An attacker could possibly use this issue to cause LibRaw
to crash, resulting in a denial of service, or execute arbitrary code.
(CVE-2026-24660)

By admin

Leave a Reply

Your email address will not be published. Required fields are marked *