
Bug 626132 (CVE-2017-11336, CVE-2017-11337, CVE-2017-11338, CVE-2017-11339, CVE-2017-11340)

Summary: <media-gfx/exiv2-0.26_p20171104: Multiple Vulnerabilities
Product: Gentoo Security
Reporter: Aleksandr Wagner (Kivak) <alwag>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: RESOLVED FIXED
Severity: normal
CC: graphics+disabled, sudormrfhalt
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
See Also: https://github.com/Exiv2/exiv2/issues/51
Whiteboard: B3 [noglsa cve]
Package list:
Runtime testing required: ---
Bug Depends on: 626352    
Bug Blocks:    

Description Aleksandr Wagner (Kivak) 2017-07-25 11:06:46 UTC
CVE-2017-11340 (https://nvd.nist.gov/vuln/detail/CVE-2017-11340):

There is a segmentation fault in the XmpParser::terminate() function in Exiv2 0.26, related to an exit call. A crafted input will lead to a remote denial of service attack.

https://bugzilla.redhat.com/show_bug.cgi?id=1474334

CVE-2017-11339 (https://nvd.nist.gov/vuln/detail/CVE-2017-11339):

There is a heap-based buffer overflow in the Image::printIFDStructure function of image.cpp in Exiv2 0.26. A crafted input will lead to a remote denial of service attack.

https://bugzilla.redhat.com/show_bug.cgi?id=1474329

CVE-2017-11338 (https://nvd.nist.gov/vuln/detail/CVE-2017-11338):

There is an infinite loop in the Exiv2::Image::printIFDStructure function of image.cpp in Exiv2 0.26. A crafted input will lead to a remote denial of service attack.

https://bugzilla.redhat.com/show_bug.cgi?id=1474325

CVE-2017-11337 (https://nvd.nist.gov/vuln/detail/CVE-2017-11337):

There is an invalid free in the Action::TaskFactory::cleanup function of actions.cpp in Exiv2 0.26. A crafted input will lead to a remote denial of service attack.

https://bugzilla.redhat.com/show_bug.cgi?id=1474319

CVE-2017-11336 (https://nvd.nist.gov/vuln/detail/CVE-2017-11336):

There is a heap-based buffer over-read in the Image::printIFDStructure function in image.cpp in Exiv2 0.26. A crafted input will lead to a remote denial of service attack.

https://bugzilla.redhat.com/show_bug.cgi?id=1474316
Comment 1 Andreas Sturmlechner gentoo-dev 2017-11-05 13:22:19 UTC
Fixed in >=media-gfx/exiv2-0.26_p20171018.
Comment 2 Andreas Sturmlechner gentoo-dev 2017-11-19 15:32:04 UTC
Cleanup done in git commit cdb23e8b3608be50daebdeb5d904b179a58d8339