An off-by-one error within the LibRaw::kodak_ycbcr_load_raw() function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.7 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash.
A product calculates or uses an incorrect maximum or minimum value that is 1 more, or 1 less, than the correct value.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Libraw | Libraw | * | 0.18.7 (excluding) |