CVE-2021-32142: Out-of-bounds Write

February 17, 2023 (updated November 7, 2023)

Buffer Overflow vulnerability in LibRaw linux/unix v0.20.0 allows attacker to escalate privileges via the LibRaw_buffer_datastream::gets(char*, int) in /src/libraw/src/libraw_datastream.cpp.

References

github.com/LibRaw/LibRaw/commit/bc3aaf4223fdb70d52d470dae65c5a7923ea2a49
github.com/LibRaw/LibRaw/issues/400
github.com/gtt1995
nvd.nist.gov/vuln/detail/CVE-2021-32142
www.libraw.org/

Detect and mitigate CVE-2021-32142 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →