Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 917650 (CVE-2023-44398) - <media-gfx/exiv2-0.28.1: buffer overflow (RCE)
Summary: <media-gfx/exiv2-0.28.1: buffer overflow (RCE)
Alias: CVE-2023-44398
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal major (vote)
Assignee: Gentoo Security
Whiteboard: B1 [glsa+]
Depends on: 917669
  Show dependency tree
Reported: 2023-11-21 01:18 UTC by John Helmert III
Modified: 2024-04-05 09:16 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-11-21 01:18:21 UTC

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. An out-of-bounds write was found in Exiv2 version v0.28.0. The vulnerable function, `BmffImage::brotliUncompress`, is new in v0.28.0, so earlier versions of Exiv2 are _not_ affected. The out-of-bounds write is triggered when Exiv2 is used to read the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to gain code execution, if they can trick the victim into running Exiv2 on a crafted image file. This bug is fixed in version v0.28.1. Users are advised to upgrade. There are no known workarounds for this vulnerability.


Maintainers, please stabilize.
Comment 1 Larry the Git Cow gentoo-dev 2023-11-29 09:43:47 UTC
The bug has been referenced in the following commit(s):

commit 58c79ada9b4fed3de90aa55856ca7d3293891a4b
Author:     Andreas Sturmlechner <>
AuthorDate: 2023-11-29 09:37:12 +0000
Commit:     Andreas Sturmlechner <>
CommitDate: 2023-11-29 09:42:55 +0000

    media-gfx/exiv2: Cleanup vulnerable 0.28.0
    Signed-off-by: Andreas Sturmlechner <>

 media-gfx/exiv2/Manifest            |   1 -
 media-gfx/exiv2/exiv2-0.28.0.ebuild | 129 ------------------------------------
 2 files changed, 130 deletions(-)
Comment 2 Hans de Graaff gentoo-dev Security 2023-12-02 10:58:37 UTC
This bug still requires cleanup of vulnerable version 0.27.7. Apologies for the mistake in updating the whiteboard.
Comment 3 Larry the Git Cow gentoo-dev 2023-12-22 09:23:55 UTC
The bug has been referenced in the following commit(s):

commit ac054647254eb13d0b84b78ceab28ba69d92c404
Author:     GLSAMaker <>
AuthorDate: 2023-12-22 09:22:44 +0000
Commit:     Hans de Graaff <>
CommitDate: 2023-12-22 09:23:49 +0000

    [ GLSA 202312-06 ] Exiv2: Multiple Vulnerabilities
    Signed-off-by: GLSAMaker <>
    Signed-off-by: Hans de Graaff <>

 glsa-202312-06.xml | 69 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 69 insertions(+)
Comment 4 Hans de Graaff gentoo-dev Security 2024-04-05 09:16:16 UTC
commit e2502ab68714c7c22176061458ac501ae3545cb0
Author: Andreas Sturmlechner <>
Date:   Mon Feb 19 21:13:41 2024 +0100

    media-gfx/exiv2: drop 0.27.7, 0.28.1-r1