CVE-2021-3624

Related Vulnerabilities: CVE-2021-3624  

Description

There is a flaw in dcraw. An attacker who is able to convince a victim to open a crafted file with dcraw could trigger an unsigned integer wraparound, leading to an out-of-bounds write. The greatest impact from this flaw is to system availability, data integrity, and data confidentiality.
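
The wraparound-to-undersized-buffer pattern described above, as an added example that is not dcraw's code: a buffer size derived from file-supplied fields, computed unchecked and then with validation. The struct, field names, size formula and 256 MiB cap are hypothetical, and the header values are constructed.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical header of an untrusted image file (not dcraw's structures). */
struct img_hdr { uint32_t width, height, bytes_per_px; };

/* Unchecked: the 32-bit product wraps modulo 2^32, so the result can be
 * far smaller than the data a later decode loop will write. */
uint32_t size_unchecked(const struct img_hdr *h)
{
    return h->width * h->height * h->bytes_per_px;
}

/* Checked: validate the fields, widen to 64 bits, and cap the total
 * before it is ever used as an allocation size. */
bool size_checked(const struct img_hdr *h, size_t max_bytes, size_t *out)
{
    if (h->width == 0 || h->height == 0 || h->bytes_per_px == 0)
        return false;
    uint64_t px = (uint64_t)h->width * h->height;  /* fits: < 2^64 */
    if (px > UINT64_MAX / h->bytes_per_px)
        return false;                              /* product would wrap */
    uint64_t total = px * h->bytes_per_px;
    if (total > max_bytes)
        return false;                              /* over the policy cap */
    *out = (size_t)total;
    return true;
}

int main(void)
{
    /* Constructed sample: 65536 * 65537 = 2^32 + 65536. */
    struct img_hdr crafted = { 65536u, 65537u, 1u };
    struct img_hdr benign  = { 4000u, 3000u, 2u };
    size_t n = 0, cap = (size_t)256 * 1024 * 1024;  /* assumed 256 MiB cap */

    printf("unchecked size for crafted header: %u\n",
           (unsigned)size_unchecked(&crafted));
    printf("checked, crafted: %s\n",
           size_checked(&crafted, cap, &n) ? "accepted" : "rejected");
    if (size_checked(&benign, cap, &n))
        printf("checked, benign: %zu bytes\n", n);
    return 0;
}
```

For the constructed header, the unchecked size is 65536 bytes although the dimensions describe more than 4 GiB of data; the checked version rejects it before any allocation.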

Additional Information

  • Bugzilla 1968040: CVE-2021-3624 dcraw: Buffer overflow caused by integer-overflow in foveon_load_camf()
  • CWE-20->CWE-190->CWE-787: Improper Input Validation leads to Integer Overflow or Wraparound leads to Out-of-bounds Write
  • FAQ: Frequently asked questions about CVE-2021-3624