CVE-2017-6887

Source
https://cve.org/CVERecord?id=CVE-2017-6887
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-6887.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-6887
Published
2017-05-16T16:29:00.253Z
Modified
2026-04-02T00:16:35.155673Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
[none]
Details

A boundary error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to cause a memory corruption via e.g. a specially crafted KDC file with model set to "DSLR-A100" and containing multiple sequences of 0x100 and 0x14A TAGs.

Affected packages

Git / github.com/libraw/libraw

Affected ranges

Type
GIT
Repo
https://github.com/libraw/libraw
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Fixed
Database specific
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "0.18.1"
        }
    ]
}

Affected versions

0.*
0.11.0-Release
0.11.1
0.11.2
0.11.3
0.12.0
0.12.1
0.12.2
0.12.3
0.12.4
0.12.5
0.13.0
0.13.1
0.13.2
0.13.3
0.13.4
0.13.5
0.13.6
0.13.7
0.13.8
0.14.0
0.14.1
0.14.2
0.14.3
0.14.4
0.14.5
0.14.6
0.14.7
0.14.8
0.15.0
0.15.1
0.15.2
0.15.3
0.15.4
0.16.0
0.16.1
0.16.2
0.17.0
0.17.1
0.17.2
0.18.0
0.18.1

Database specific

vanir_signatures
[
    {
        "signature_version": "v1",
        "source": "https://github.com/libraw/libraw/commit/d7c3d2cb460be10a3ea7b32e9443a83c243b2251",
        "signature_type": "Function",
        "deprecated": false,
        "digest": {
            "function_hash": "223952729540945911801236471202363549232",
            "length": 836.0
        },
        "id": "CVE-2017-6887-345db300",
        "target": {
            "function": "parse_jpeg",
            "file": "dcraw/dcraw.c"
        }
    },
    {
        "signature_version": "v1",
        "source": "https://github.com/libraw/libraw/commit/d7c3d2cb460be10a3ea7b32e9443a83c243b2251",
        "signature_type": "Function",
        "deprecated": false,
        "digest": {
            "function_hash": "270558865765251762118260754155532321526",
            "length": 31716.0
        },
        "id": "CVE-2017-6887-62aafd68",
        "target": {
            "function": "parse_tiff_ifd",
            "file": "dcraw/dcraw.c"
        }
    },
    {
        "signature_version": "v1",
        "source": "https://github.com/libraw/libraw/commit/d7c3d2cb460be10a3ea7b32e9443a83c243b2251",
        "signature_type": "Function",
        "deprecated": false,
        "digest": {
            "function_hash": "223952729540945911801236471202363549232",
            "length": 836.0
        },
        "id": "CVE-2017-6887-70b33685",
        "target": {
            "function": "parse_jpeg",
            "file": "internal/dcraw_common.cpp"
        }
    },
    {
        "signature_version": "v1",
        "source": "https://github.com/libraw/libraw/commit/d7c3d2cb460be10a3ea7b32e9443a83c243b2251",
        "signature_type": "Function",
        "deprecated": false,
        "digest": {
            "function_hash": "270558865765251762118260754155532321526",
            "length": 31716.0
        },
        "id": "CVE-2017-6887-78c14c72",
        "target": {
            "function": "parse_tiff_ifd",
            "file": "internal/dcraw_common.cpp"
        }
    }
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-6887.json"