Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 879801 (CVE-2021-34055) - <media-gfx/jhead- heap buffer overflow
Summary: <media-gfx/jhead- heap buffer overflow
Alias: CVE-2021-34055
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
Whiteboard: B3 [glsa?]
Depends on: 905846
  Show dependency tree
Reported: 2022-11-05 01:14 UTC by John Helmert III
Modified: 2023-06-12 20:24 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-11-05 01:14:40 UTC

jhead 3.06 is vulnerable to Buffer Overflow via exif.c in function Put16u.

Patch is:

Not sure if in any release
Comment 1 Larry the Git Cow gentoo-dev 2023-04-10 02:48:50 UTC
The bug has been referenced in the following commit(s):

commit ecf038d30f5cae49c82bed3af187d62387ed8c1e
Author:     Andreas K. Hüttel <>
AuthorDate: 2023-04-10 02:48:08 +0000
Commit:     Andreas K. Hüttel <>
CommitDate: 2023-04-10 02:48:38 +0000

    media-gfx/jhead: Add CVE-2021-34055 patch
    Signed-off-by: Andreas K. Hüttel <>

 .../files/jhead-      | 108 +++++++++++++++++++++
 media-gfx/jhead/jhead-           |  27 ++++++
 2 files changed, 135 insertions(+)
Comment 2 Andreas K. Hüttel archtester gentoo-dev 2023-06-12 20:24:59 UTC
Cleanup done