Bug#914454: Stacktrace of invalid memory write crash in canon_rmf_load_raw()

2018-12-04 Thread Jaeseung Choi
Thank you for the information and sorry for the delay. With your instruction, I could get the following stacktrace. - Program terminated with signal SIGSEGV, Segmentation fault. #0 0xf4bc in

Bug#914453: Stacktrace of stack-buffer-overflow in quicktake_100_load_raw()

2018-12-04 Thread Jaeseung Choi
Thank you for the information and sorry for the delay. With your instruction, I could get the following stacktrace. - Program terminated with signal SIGSEGV, Segmentation fault. #0 0xdd08 in

Bug#914447: Stacktrace of invalid memory write crash in kodak_radc_load_raw()

2018-12-04 Thread Jaeseung Choi
Thank you for the information and sorry for the delay. With your instruction, I could get the following stacktrace. - Program terminated with signal SIGBUS, Bus error. #0 kodak_radc_load_raw () at dcraw.c:2240

Bug#914459: dcraw-9.27-1 : dcparse : stack overflow due to infinite recursion in parse_mos()

2018-11-23 Thread Jaeseung Choi
Package: dcraw Version: 9.27-1+b1 Severity: normal Dear Maintainer, Running the 'dcparse' program of the 'dcraw-9.27' package with the attached input file raises a crash caused by stack-overflow in parse_mos(). First, below is the GDB log that shows a crash from the dcparse binary downloaded with 'apt-get'.

Bug#914454: dcraw-9.27-1 : invalid memory write crash in canon_rmf_load_raw()

2018-11-23 Thread Jaeseung Choi
Package: dcraw Version: 9.27-1+b1 Severity: normal Dear Maintainer, Running dcraw-9.27 with the attached input file raises a crash caused by invalid memory write in canon_rmf_load_raw(). First, below is the GDB log that shows a crash from the dcraw-9.27 binary downloaded with 'apt-get'.

Bug#914453: dcraw-9.27-1 : stack-buffer-overflow in quicktake_100_load_raw()

2018-11-23 Thread Jaeseung Choi
Package: dcraw Version: 9.27-1+b1 Severity: normal Dear Maintainer, Running dcraw-9.27 with the attached input file raises a crash caused by stack-buffer-overflow in quicktake_100_load_raw(). First, below is the GDB log that shows a crash from dcraw-9.27 binary downloaded with 'apt-get'.

Bug#914447: dcraw-9.27-1 : invalid memory write crash in kodak_radc_load_raw()

2018-11-23 Thread Jaeseung Choi
Package: dcraw Version: 9.27-1+b1 Severity: normal Dear Maintainer, Running dcraw-9.27 with the attached input file raises a crash caused by invalid memory write in kodak_radc_load_raw(). First, below is the GDB log that shows a crash from the dcraw-9.27 binary downloaded with 'apt-get'.

Bug#907467: ufraw-batch: NULL dereference in ufraw_batch_messenger

2018-08-28 Thread Jaeseung Choi
Package: ufraw-batch Version: 0.22-1.1 Severity: normal Dear Maintainer, Running ufraw-batch with the attached poc file raises a NULL dereference crash in ufraw_batch_messenger() function. Following gdb log shows the program crashing with segfault.

Bug#907464: x264: NULL dereference crash

2018-08-28 Thread Jaeseung Choi
Package: x264 Version: 2:0.148.2748+git97eaef2-1 Severity: normal Dear Maintainer, Running x264 with the attached poc file raises a NULL dereference crash. Following gdb log shows the program resulting in segfault. jason@debian-amd64-stretch:~/report/debian-latest/x264$ gdb x264 -q Reading

Bug#906743: fig2dev: Invalid memory read crash while running with '-L pdf' option

2018-08-20 Thread Jaeseung Choi
Package: fig2dev Version: 1:3.2.6a-2+deb9u1 Severity: normal Dear Maintainer, Running the attached test input with fig2dev with '-L pdf' option raises a segmentation fault error, while attempting to read an invalid memory address. Judging from the stack trace, this bug seems similar to previous

Bug#906740: fig2dev: global buffer overflow while running with '-L pdf' option

2018-08-20 Thread Jaeseung Choi
Package: fig2dev Version: 1:3.2.6a-2+deb9u1 Severity: normal Dear Maintainer, Running the attached test input with fig2dev with '-L pdf' option raises a global buffer overflow error. Judging from the stack trace, this bug seems similar to previous bug #890015, but this test input also crashes

Bug#906559: ufraw-batch: integer overflow in dcraw_load_raw()

2018-08-18 Thread Jaeseung Choi
Package: ufraw-batch Version: 0.22-1.1 Severity: normal Dear Maintainer, An integer overflow bug that leads to heap buffer overflow exists in ufraw-batch. According to our analysis, the bug exists within dcraw_load_raw() function (dcraw_api.cc:Line #236). If 'd->raw_height' and 'd->raw_width'

Bug#906532: x264: heap buffer overflow

2018-08-17 Thread Jaeseung Choi
Package: x264 Version: 2:0.148.2748+git97eaef2-1 Severity: normal Dear Maintainer, Running x264 with the attached poc file raises a heap buffer overflow. Following gdb log shows the program resulting in segfault. jason@debian-amd64-stretch:~/report/debian-latest/x264$ gdb x264 -q Reading

Bug#906530: dcraw: NULL dereference bug

2018-08-17 Thread Jaeseung Choi
Package: dcraw Version: 9.27-1+b1 Severity: normal Dear Maintainer, Running dcraw with the attached poc file raises a NULL dereference bug. Following gdb log shows the program resulting in segfault. jason@debian-amd64-stretch:~/report/debian-latest/dcraw$ gdb dcraw -q Reading symbols from

Bug#906529: dcraw: stack-based buffer overflow bug

2018-08-17 Thread Jaeseung Choi
Package: dcraw Version: 9.27-1+b1 Severity: normal A stack-based buffer overflow bug exists in dcraw. Running the attached poc file raises a stack-based buffer overflow error, which may allow a control flow hijack attack. Following gdb log shows the program resulting in segfault.

Bug#889272: : CVE-2018-6612

2018-02-18 Thread Jaeseung Choi
For your information, this bug was assigned CVE-2018-6612. Thank you for the fix.

Bug#878739: : CVE-2017-18120

2018-02-18 Thread Jaeseung Choi
For your information, this bug was assigned CVE-2017-18120. Thank you for the fix.