Hi, I understand your concerns. Here is the CVE number: 1775652
On Fri, 22 Nov, 2024, 6:00 am Thorsten Alteholz, <deb...@alteholz.de> wrote:

> Hi,
>
> On Fri, 22 Nov 2024, Ajin Deepak wrote:
> > To address your first question, in the context of *dcraw*, a denial of
> > service (DoS) vulnerability refers to the software's inability to handle
> > malformed files appropriately. A specially crafted file can cause the
> > application to crash, disrupting its functionality for users relying on it
> > for image processing. While it is not a networked "service," this still
> > constitutes a DoS as it prevents the intended use of the tool.
>
> this sounds like the definition of a mere bug. I have never seen this
> being called a DoS. Whatever, if you like to call it this way ...
>
> > Additionally, the issue highlighted here involves a memory leak. This leak
> > exposes memory addresses that could assist in exploiting other
> > vulnerabilities, such as buffer overflows.
>
> So what? Even if you are able to execute some code, you can only get
> information from one user of the system. Back to the beginning of this
> discussion: this looks like just an unimportant or minor issue and is far
> away from the overhyped critical issue that you wanted to create in your
> first mail.
> Anybody who processes files from unknown sources of the internet has a
> share of the blame in case bad things happen.
>
> > Apologies for the confusion earlier regarding multi-user systems—I was
> > referring to scenarios involving privilege escalation. Tools installed by
> > the root user often have elevated privileges or capabilities, especially if
> > they run with *setuid* permissions or interact with privileged system
> > components. If such a tool has vulnerabilities and is executed by a
> > non-privileged user, exploiting it could escalate the attacker's privileges
> > to root or other users, as in the scenarios you mentioned.
>
> Sure but this isn't related to dcraw, is it?
>
> > webpage. However, even if such cases are not immediately exploitable,
> > patching these issues is essential. Left unaddressed, they could
> > potentially aid exploitation when combined with other vulnerabilities in a
> > chain.
>
> No it is by far not essential. Applying a patch always involves the danger
> of introducing a regression. It is by far worse to not be able to process
> an image with dcraw at all than to have no fix for a fictional security
> issue.
>
> > And yes I did apply for CVE after your reply.
>
> Great, please share the number.
>
> Thorsten