SB2022092056 - Multiple vulnerabilities in GNU Exiv2

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Allocation of Resources Without Limits or Throttling (CVE-ID: CVE-2020-18899)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to an uncontrolled memory allocation in DataBufdata(subBox.length-sizeof(box)) function. A remote attacker can pass specially crafted file to the application and perform a denial of service (DoS) attack.

2) Out-of-bounds read (CVE-ID: CVE-2020-18771)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack or gain access to sensitive information.

The vulnerability exists due to global buffer over-read in Exiv2::Internal::Nikon1MakerNote::print0x0088 in nikonmn_int.cpp. A remote attacker can perform a denial of service attack or gain access to sensitive information.

Remediation

Install update from vendor's website.

References

• https://github.com/Exiv2/exiv2/issues/742
• https://github.com/Exiv2/exiv2/issues/756
• https://cwe.mitre.org/data/definitions/126.html
• https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html