Fluid Attacks Database

Description

A weakness has been identified in LibRaw up to 0.22.0. This impacts the function HuffTable::initval of the file src/decompressors/losslessjpeg.cpp of the component JPEG DHT Parser. This manipulation of the argument bits[] causes out-of-bounds write. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks. Upgrading to version 0.22.1 will fix this issue. Patch name: a6734e867b19d75367c05f872ac26322464e3995. It is advisable to upgrade the affected component.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 12	libraw	=0.20.2-2.1 \|\| =0.20.2-2.1+deb12u1 \|\| =0.21.1-1 \|\| =0.21.1-2 \|\| =0.21.1-3 \|\| =0.21.1-4 \|\| =0.21.1-5 \|\| =0.21.1-6 \|\| =0.21.1-7 \|\| =0.21.2-1 \|\| =0.21.2-2 \|\| =0.21.2-2.1 \|\| =0.21.2-2.1~exp1 \|\| =0.21.3-1 \|\| =0.21.4-1 \|\| =0.21.4-2 \|\| =0.21.4-3~exp1 \|\| =0.21.4-3~exp2 \|\| =0.21.5b-1 \|\| =0.22.0-1~exp1 \|\| =0.22.1-1 \|\| =0.22.1-1~exp1 \|\| =0.22.1-1~exp2	-
debian 13	libraw	=0.21.4-2 \|\| =0.21.4-3~exp1 \|\| =0.21.4-3~exp2 \|\| =0.21.5b-1 \|\| =0.22.0-1~exp1 \|\| =0.22.1-1 \|\| =0.22.1-1~exp1 \|\| =0.22.1-1~exp2	-
rpm rhel7	libraw1394	-	-
rpm rhel7	LibRaw	-	-
debian 11	libraw	=0.20.2-1 \|\| =0.20.2-1+deb11u1 \|\| =0.20.2-1+deb11u2 \|\| =0.20.2-2 \|\| =0.20.2-2.1 \|\| =0.21.1-1 \|\| =0.21.1-2 \|\| =0.21.1-3 \|\| =0.21.1-4 \|\| =0.21.1-5 \|\| =0.21.1-6 \|\| =0.21.1-7 \|\| =0.21.2-1 \|\| =0.21.2-2 \|\| =0.21.2-2.1 \|\| =0.21.2-2.1~exp1 \|\| =0.21.3-1 \|\| =0.21.4-1 \|\| =0.21.4-2 \|\| =0.21.4-3~exp1 \|\| =0.21.4-3~exp2 \|\| =0.21.5b-1 \|\| =0.22.0-1~exp1 \|\| =0.22.1-1 \|\| =0.22.1-1~exp1 \|\| =0.22.1-1~exp2	-
rpm rhel9	LibRaw	-	-
rpm rhel6	libraw1394	-	-
debian 14	libraw	=0.21.4-2 \|\| =0.21.4-3~exp1 \|\| =0.21.4-3~exp2 \|\| =0.21.5b-1 \|\| =0.22.0-1~exp1 \|\| =0.22.1-1~exp1 \|\| =0.22.1-1~exp2 \|\| >=0 <0.22.1-1	0.22.1-1
rpm rhel8	LibRaw	-	-
rpm rhel8	libraw1394	-	-

Aliases

1. CVE-2026-53182. NVD-2026-53183. OSV-DEBIAN-2026-53184. OSV-2026-53185. SECURITY-TRACKER-CVE-2026-5318

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.