CVE-2015-8366

Name	CVE-2015-8366
Description	Array index error in smal_decode_segment function in LibRaw before 0.17.1 allows context-dependent attackers to cause memory errors and possibly execute arbitrary code via vectors related to indexes.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub advisories/code/issues, web search, more)
Debian Bugs	806809, 818882, 864168

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
darktable (PTS)	buster	2.6.0-1	fixed
	bullseye	3.4.1-5	fixed
	bookworm, sid	4.2.1-4	fixed
dcraw (PTS)	buster, bullseye	9.28-2	fixed
	bookworm, sid	9.28-3	fixed
exactimage (PTS)	buster	1.0.2-1+deb10u1	fixed
	bullseye	1.0.2-8	fixed
	bookworm, sid	1.0.2-11	fixed
kodi (PTS)	buster	2:17.6+dfsg1-4	fixed
	bullseye	2:19.1+dfsg2-2+deb11u1	fixed
	bookworm, sid	2:20.1+dfsg-1	fixed
libraw (PTS)	buster	0.19.2-2	fixed
	buster (security)	0.19.2-2+deb10u3	fixed
	bullseye	0.20.2-1	fixed
	bullseye (security)	0.20.2-1+deb11u1	fixed
	bookworm, sid	0.20.2-2.1	fixed
rawtherapee (PTS)	buster	5.5-1	fixed
	bullseye	5.8-3	fixed
	bookworm, sid	5.9-1	fixed
ufraw (PTS)	buster	0.22-4	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Debian Bugs
darktable	source	squeeze	(not affected)
darktable	source	wheezy	(not affected)
darktable	source	jessie	(not affected)
darktable	source	(unstable)	2.0.0-1
dcraw	source	squeeze	(not affected)
dcraw	source	wheezy	(not affected)
dcraw	source	(unstable)	9.28-1	864168
exactimage	source	squeeze	(not affected)
exactimage	source	wheezy	(not affected)
exactimage	source	jessie	0.8.9-7+deb8u2
exactimage	source	(unstable)	0.9.1-13
kodi	source	(unstable)	(not affected)
libraw	source	squeeze	(not affected)
libraw	source	wheezy	(not affected)
libraw	source	jessie	0.16.0-9+deb8u2
libraw	source	(unstable)	0.17.1-1	806809
rawtherapee	source	squeeze	(not affected)
rawtherapee	source	wheezy	(not affected)
rawtherapee	source	jessie	4.2-1+deb8u2
rawtherapee	source	(unstable)	4.2.1241-2
ufraw	source	squeeze	(not affected)
ufraw	source	wheezy	(not affected)
ufraw	source	(unstable)	0.20-4	818882
xbmc	source	wheezy	(not affected)
xbmc	source	jessie	(not affected)
xbmc	source	(unstable)	(not affected)

Notes

[wheezy] - libraw <not-affected> (Vulnerable code not present)
[squeeze] - libraw <not-affected> (Vulnerable code not present)
[stretch] - dcraw <no-dsa> (Minor issue)
[jessie] - dcraw <no-dsa> (Minor issue)
[wheezy] - dcraw <not-affected> (Vulnerable code not present)
[squeeze] - dcraw <not-affected> (Vulnerable code not present)
- kodi <not-affected> (Vulnerable code not present)
[jessie] - darktable <not-affected> (Vulnerable code not present)
[wheezy] - darktable <not-affected> (Vulnerable code not present)
[squeeze] - darktable <not-affected> (Vulnerable code not present)
[jessie] - ufraw <no-dsa> (Minor issue)
[wheezy] - ufraw <not-affected> (Vulnerable code not present)
[squeeze] - ufraw <not-affected> (Vulnerable code not present)
[wheezy] - rawtherapee <not-affected> (Vulnerable code not present)
[squeeze] - rawtherapee <not-affected> (Vulnerable code not present)
[wheezy] - exactimage <not-affected> (Vulnerable code not present)
[squeeze] - exactimage <not-affected> (Vulnerable code not present)
exactimage: smal_decode_segment inside dcraw.h not dcraw.c
[jessie] - xbmc <not-affected> (Transitional dummy package)
[wheezy] - xbmc <not-affected> (Vulnerable code not present)
Fixed by: https://github.com/LibRaw/LibRaw/commit/89d065424f09b788f443734d44857289489ca9e2