Bug 626132 (CVE-2017-11336, CVE-2017-11337, CVE-2017-11338, CVE-2017-11339, CVE-2017-11340) - <media-gfx/exiv2-0.26_p20171104: Multiple Vulnerabilities
Summary: <media-gfx/exiv2-0.26_p20171104: Multiple Vulnerabilities
Status: RESOLVED FIXED
Alias: CVE-2017-11336, CVE-2017-11337, CVE-2017-11338, CVE-2017-11339, CVE-2017-11340
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal normal
Assignee: Gentoo Security
URL:
Whiteboard: B3 [noglsa cve]
Keywords:
Depends on: CVE-2017-11683
Blocks:
Reported: 2017-07-25 11:06 UTC by Aleksandr Wagner (Kivak)
Modified: 2017-11-19 17:34 UTC

See Also:
Package list:
Runtime testing required: ---


Description Aleksandr Wagner (Kivak) 2017-07-25 11:06:46 UTC
CVE-2017-11340 (https://nvd.nist.gov/vuln/detail/CVE-2017-11340):

There is a Segmentation fault in the XmpParser::terminate() function in Exiv2 0.26, related to an exit call. A crafted input will lead to a remote denial of service attack.

https://bugzilla.redhat.com/show_bug.cgi?id=1474334

CVE-2017-11339 (https://nvd.nist.gov/vuln/detail/CVE-2017-11339):

There is a heap-based buffer overflow in the Image::printIFDStructure function of image.cpp in Exiv2 0.26. A crafted input will lead to a remote denial of service attack.

https://bugzilla.redhat.com/show_bug.cgi?id=1474329

CVE-2017-11338 (https://nvd.nist.gov/vuln/detail/CVE-2017-11338):

There is an infinite loop in the Exiv2::Image::printIFDStructure function of image.cpp in Exiv2 0.26. A crafted input will lead to a remote denial of service attack.

https://bugzilla.redhat.com/show_bug.cgi?id=1474325

CVE-2017-11337 (https://nvd.nist.gov/vuln/detail/CVE-2017-11337):

There is an invalid free in the Action::TaskFactory::cleanup function of actions.cpp in Exiv2 0.26. A crafted input will lead to a remote denial of service attack.

https://bugzilla.redhat.com/show_bug.cgi?id=1474319

CVE-2017-11336 (https://nvd.nist.gov/vuln/detail/CVE-2017-11336):

There is a heap-based buffer over-read in the Image::printIFDStructure function in image.cpp in Exiv2 0.26. A crafted input will lead to a remote denial of service attack.

https://bugzilla.redhat.com/show_bug.cgi?id=1474316
Comment 1 Andreas Sturmlechner gentoo-dev 2017-11-05 13:22:19 UTC
Fixed in >=media-gfx/exiv2-0.26_p20171018.
Comment 2 Andreas Sturmlechner gentoo-dev 2017-11-19 15:32:04 UTC
Cleanup done in git commit cdb23e8b3608be50daebdeb5d904b179a58d8339