A buffer overflow vulnerability in LibRaw version < 20.0, in LibRaw::GetNormalizedModel in src/metadata/normalize_model.cpp, may lead to context-dependent arbitrary code execution.

Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24889

Reference(s):
- GENTOO:GLSA-202010-05 (URL: https://security.gentoo.org/glsa/202010-05)
- https://github.com/LibRaw/LibRaw/issues/334