SB2022113031 - SUSE update for exiv2-0_26 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2022113031

SB2022113031 - SUSE update for exiv2-0_26

Published: November 30, 2022

Security Bulletin ID SB2022113031
Severity
Medium
Patch available
YES
Number of vulnerabilities 11
Exploitation vector Remote access
Highest impact Denial of service

Breakdown by Severity

Medium 64% Low 36%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 11 secuirty vulnerabilities.


1) Uncaught Exception (CVE-ID: CVE-2017-11591)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a floating point exception in the Exiv2::ValueType function in Exiv2. A remote attacker can pass a specially crafted image to the application and perform a denial of service (DoS) attack.


2) Heap-based buffer overflow (CVE-ID: CVE-2018-11531)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to heap-based buffer overflow in getData in preview.cpp. A remote attacker can trigger memory corruption and perform a denial of service attack.


3) Resource exhaustion (CVE-ID: CVE-2018-17581)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources caused by excessive stack consumption due to a recursive function within the CiffDirectory::readDirectory() function in crwimage_int.cpp. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.


4) Buffer overflow (CVE-ID: CVE-2018-20097)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

There is a SEGV in Exiv2::Internal::TiffParserWorker::findPrimaryGroups of tiffimage_int.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.


5) Out-of-bounds read (CVE-ID: CVE-2018-20098)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

There is a heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.


6) Infinite loop (CVE-ID: CVE-2018-20099)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

There is an infinite loop in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.


7) Integer overflow (CVE-ID: CVE-2019-13109)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to integer overflow in Exiv2 through 0.27.1 due to PngImage::readMetadata mishandles a chunkLength - iccOffset subtraction. A remote attacker can create a crafted PNG image file, trigger integer overflow and perform denial of service (DoS) attack.


8) Integer overflow (CVE-ID: CVE-2019-13110)

The vulnerability allows a remote attacker to perform denial of service (DoS) attack.

The vulnerability exists due to integer overflow in CiffDirectory::readDirectory() function. A remote attacker can create a specially crafted CRW image, pass it to the application, trigger integer overflow and crash the affected application.


9) Buffer overflow (CVE-ID: CVE-2019-17402)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary in Exiv2::getULong() function in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimage_int.cpp. A remote attacker can pass specially crafted data to the application, trigger memory corruption and crash the service.


10) Out-of-bounds read (CVE-ID: CVE-2021-29473)

The vulnerability allows a remote attacker to gain access to perform denial of service (DoS) attack.

The vulnerability exists due to a boundary condition when processing Exif, IPTC, XMP and ICC image metadata. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and crash the affected application.


11) Reachable Assertion (CVE-ID: CVE-2021-32815)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a reachable assertion when handling metadata of image files. A remote attacker can pass a specially crafted image to the application and perform a denial of service (DoS) attack.


Remediation

Install update from vendor's website.

References