CVE-2020-15503

Source
https://nvd.nist.gov/vuln/detail/CVE-2020-15503
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-15503.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-15503
Downstream
Related
Published
2020-07-02T14:15:11Z
Modified
2025-10-10T02:35:14.825792Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
[none]
Details

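LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpack_thumb.cpp, postprocessing/mem_image.cpp, and utils/thumb_utils.cpp. For example, malloc(sizeof(libraw_processed_image_t)+T.tlength) occurs without validating T.tlength. The affected range on this page records no fixed commit and its version list stops at 0.18.0, so that list should not be read as exhaustive; the bound stated here is every release before 0.20-RC1.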

References

Affected packages

Git / github.com/libraw/libraw

Affected ranges

Type
GIT
Repo
https://github.com/libraw/libraw
Events
Introduced
0 (unknown introduced commit; all previous commits are affected)
Fixed

Affected versions

0.*

0.11.0-Release
0.11.1
0.11.2
0.12.0
0.12.1
0.13.0
0.13.1
0.13.2
0.13.3
0.13.4
0.13.5
0.13.6
0.13.7
0.13.8
0.14.0
0.14.1
0.14.2
0.14.3
0.14.4
0.14.5
0.14.6
0.15.0
0.16.0
0.17.0
0.18.0

Database specific

{
    "vanir_signatures": [
        {
            "digest": {
                "line_hashes": [
                    "95504925387959412511911477587878745185",
                    "211498614830520016092898085902592191304",
                    "258909625175771742828218197375693978553"
                ],
                "threshold": 0.9
            },
            "target": {
                "file": "src/utils/thumb_utils.cpp"
            },
            "signature_version": "v1",
            "signature_type": "Line",
            "id": "CVE-2020-15503-4de4e8ed",
            "source": "https://github.com/libraw/libraw/commit/20ad21c0d87ca80217aee47533d91e633ce1864d",
            "deprecated": false
        },
        {
            "digest": {
                "length": 5265.0,
                "function_hash": "20834980326322708084884246758929434607"
            },
            "target": {
                "function": "LibRaw::kodak_thumb_loader",
                "file": "src/utils/thumb_utils.cpp"
            },
            "signature_version": "v1",
            "signature_type": "Function",
            "id": "CVE-2020-15503-b47b1d85",
            "source": "https://github.com/libraw/libraw/commit/20ad21c0d87ca80217aee47533d91e633ce1864d",
            "deprecated": false
        },
        {
            "digest": {
                "length": 1869.0,
                "function_hash": "60925816791984355313585374140980915893"
            },
            "target": {
                "function": "LibRaw::dcraw_make_mem_thumb",
                "file": "src/postprocessing/mem_image.cpp"
            },
            "signature_version": "v1",
            "signature_type": "Function",
            "id": "CVE-2020-15503-bab2ecca",
            "source": "https://github.com/libraw/libraw/commit/20ad21c0d87ca80217aee47533d91e633ce1864d",
            "deprecated": false
        },
        {
            "digest": {
                "line_hashes": [
                    "59779410903218153793678754994680767601",
                    "132752582361061888394256996303006118673",
                    "185045691167740575729910415964833655416",
                    "161049959832819816644170497010757592682",
                    "260007268614515162766175710996963767171",
                    "255532408959626893688328621463383668856",
                    "293793618887016688055475224622010045250",
                    "237163547497289955783163831819047220253",
                    "53946906021982039869438027886283012302",
                    "159623424722262447118890624610300865183",
                    "24074827839660080180766803516914248259",
                    "193770801203564601580014460272938621217",
                    "279776459699944493687719371011149108112",
                    "106535962320044590641199677616499872207",
                    "283450966731452391535050062147183429866",
                    "94649701061232974678424622551508588263",
                    "211509070784551980709998278180183119961",
                    "283511725562753475212592465244817300621",
                    "80668828536364397405743644776123983152",
                    "237567926824714123645467842340474684318",
                    "285312419739008761685997607143246357862",
                    "258224793432605195806530931128263774249",
                    "65443162971290850839897068754309996559",
                    "148315636905740143535486119577249766951",
                    "181202847632146431652953263163741802944",
                    "106211129585307599656075310087927609507",
                    "195072596634072040877784318058145114722",
                    "306099842656121619297437396043320744575",
                    "239128415640668498542060449212822440966",
                    "25636571237006944437910063657224247718",
                    "78239118379284603983132881493921935450",
                    "47533961952800260579564617492129636545"
                ],
                "threshold": 0.9
            },
            "target": {
                "file": "src/decoders/unpack_thumb.cpp"
            },
            "signature_version": "v1",
            "signature_type": "Line",
            "id": "CVE-2020-15503-bd149f8b",
            "source": "https://github.com/libraw/libraw/commit/20ad21c0d87ca80217aee47533d91e633ce1864d",
            "deprecated": false
        },
        {
            "digest": {
                "length": 7684.0,
                "function_hash": "51726212998995411333273680451998935224"
            },
            "target": {
                "function": "LibRaw::unpack_thumb",
                "file": "src/decoders/unpack_thumb.cpp"
            },
            "signature_version": "v1",
            "signature_type": "Function",
            "id": "CVE-2020-15503-ccd49802",
            "source": "https://github.com/libraw/libraw/commit/20ad21c0d87ca80217aee47533d91e633ce1864d",
            "deprecated": false
        },
        {
            "digest": {
                "line_hashes": [
                    "187981261985522913612295356341902997356",
                    "316324685096684762484593438217362973867",
                    "42418153475302119724450462163414037082"
                ],
                "threshold": 0.9
            },
            "target": {
                "file": "src/postprocessing/mem_image.cpp"
            },
            "signature_version": "v1",
            "signature_type": "Line",
            "id": "CVE-2020-15503-ddbaed06",
            "source": "https://github.com/libraw/libraw/commit/20ad21c0d87ca80217aee47533d91e633ce1864d",
            "deprecated": false
        },
        {
            "digest": {
                "line_hashes": [
                    "249569001442104715920048703562899778"
                ],
                "threshold": 0.9
            },
            "target": {
                "file": "libraw/libraw_const.h"
            },
            "signature_version": "v1",
            "signature_type": "Line",
            "id": "CVE-2020-15503-ddf53db8",
            "source": "https://github.com/libraw/libraw/commit/20ad21c0d87ca80217aee47533d91e633ce1864d",
            "deprecated": false
        }
    ]
}