CVE-2020-15503

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2020-15503
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-15503.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-15503
Downstream
Related
Published
2020-07-02T14:15:11Z
Modified
2025-10-21T05:40:48.167975Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpackthumb.cpp, postprocessing/memimage.cpp, and utils/thumbutils.cpp. For example, malloc(sizeof(librawprocessedimaget)+T.tlength) occurs without validating T.tlength.

References

Affected packages

Git / github.com/libraw/libraw

Affected ranges

Type
GIT
Repo
https://github.com/libraw/libraw
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
20ad21c0d87ca80217aee47533d91e633ce1864d

Affected versions

0.*

0.11.0-Release
0.11.1
0.11.2
0.12.0
0.12.1
0.13.0
0.13.1
0.13.2
0.13.3
0.13.4
0.13.5
0.13.6
0.13.7
0.13.8
0.14.0
0.14.1
0.14.2
0.14.3
0.14.4
0.14.5
0.14.6
0.15.0
0.16.0
0.17.0
0.18.0

Database specific

vanir_signatures

[
    {
        "id": "CVE-2020-15503-4de4e8ed",
        "target": {
            "file": "src/utils/thumb_utils.cpp"
        },
        "digest": {
            "line_hashes": [
                "95504925387959412511911477587878745185",
                "211498614830520016092898085902592191304",
                "258909625175771742828218197375693978553"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/libraw/libraw/commit/20ad21c0d87ca80217aee47533d91e633ce1864d",
        "signature_type": "Line"
    },
    {
        "id": "CVE-2020-15503-b47b1d85",
        "target": {
            "function": "LibRaw::kodak_thumb_loader",
            "file": "src/utils/thumb_utils.cpp"
        },
        "digest": {
            "length": 5265.0,
            "function_hash": "20834980326322708084884246758929434607"
        },
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/libraw/libraw/commit/20ad21c0d87ca80217aee47533d91e633ce1864d",
        "signature_type": "Function"
    },
    {
        "id": "CVE-2020-15503-bab2ecca",
        "target": {
            "function": "LibRaw::dcraw_make_mem_thumb",
            "file": "src/postprocessing/mem_image.cpp"
        },
        "digest": {
            "length": 1869.0,
            "function_hash": "60925816791984355313585374140980915893"
        },
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/libraw/libraw/commit/20ad21c0d87ca80217aee47533d91e633ce1864d",
        "signature_type": "Function"
    },
    {
        "id": "CVE-2020-15503-bd149f8b",
        "target": {
            "file": "src/decoders/unpack_thumb.cpp"
        },
        "digest": {
            "line_hashes": [
                "59779410903218153793678754994680767601",
                "132752582361061888394256996303006118673",
                "185045691167740575729910415964833655416",
                "161049959832819816644170497010757592682",
                "260007268614515162766175710996963767171",
                "255532408959626893688328621463383668856",
                "293793618887016688055475224622010045250",
                "237163547497289955783163831819047220253",
                "53946906021982039869438027886283012302",
                "159623424722262447118890624610300865183",
                "24074827839660080180766803516914248259",
                "193770801203564601580014460272938621217",
                "279776459699944493687719371011149108112",
                "106535962320044590641199677616499872207",
                "283450966731452391535050062147183429866",
                "94649701061232974678424622551508588263",
                "211509070784551980709998278180183119961",
                "283511725562753475212592465244817300621",
                "80668828536364397405743644776123983152",
                "237567926824714123645467842340474684318",
                "285312419739008761685997607143246357862",
                "258224793432605195806530931128263774249",
                "65443162971290850839897068754309996559",
                "148315636905740143535486119577249766951",
                "181202847632146431652953263163741802944",
                "106211129585307599656075310087927609507",
                "195072596634072040877784318058145114722",
                "306099842656121619297437396043320744575",
                "239128415640668498542060449212822440966",
                "25636571237006944437910063657224247718",
                "78239118379284603983132881493921935450",
                "47533961952800260579564617492129636545"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/libraw/libraw/commit/20ad21c0d87ca80217aee47533d91e633ce1864d",
        "signature_type": "Line"
    },
    {
        "id": "CVE-2020-15503-ccd49802",
        "target": {
            "function": "LibRaw::unpack_thumb",
            "file": "src/decoders/unpack_thumb.cpp"
        },
        "digest": {
            "length": 7684.0,
            "function_hash": "51726212998995411333273680451998935224"
        },
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/libraw/libraw/commit/20ad21c0d87ca80217aee47533d91e633ce1864d",
        "signature_type": "Function"
    },
    {
        "id": "CVE-2020-15503-ddbaed06",
        "target": {
            "file": "src/postprocessing/mem_image.cpp"
        },
        "digest": {
            "line_hashes": [
                "187981261985522913612295356341902997356",
                "316324685096684762484593438217362973867",
                "42418153475302119724450462163414037082"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/libraw/libraw/commit/20ad21c0d87ca80217aee47533d91e633ce1864d",
        "signature_type": "Line"
    },
    {
        "id": "CVE-2020-15503-ddf53db8",
        "target": {
            "file": "libraw/libraw_const.h"
        },
        "digest": {
            "line_hashes": [
                "249569001442104715920048703562899778"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/libraw/libraw/commit/20ad21c0d87ca80217aee47533d91e633ce1864d",
        "signature_type": "Line"
    }
]