Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 631850 (CVE-2017-7544) - <media-libs/libexif-0.6.21-r2: out-of-bounds heap read vulnerability causes denial of service
Summary: <media-libs/libexif-0.6.21-r2: out-of-bounds heap read vulnerability causes d...
Status: RESOLVED FIXED
Alias: CVE-2017-7544
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: https://bugzilla.redhat.com/show_bug....
Whiteboard: B3 [noglsa cve]
Keywords: STABLEREQ
Depends on:
Blocks:
 
Reported: 2017-09-23 15:55 UTC by Aleksandr Wagner (Kivak)
Modified: 2018-10-12 16:12 UTC (History)
1 user (show)

See Also:
Package list:
media-libs/libexif-0.6.21-r2
Runtime testing required: ---
stable-bot: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Aleksandr Wagner (Kivak) 2017-09-23 15:55:34 UTC
CVE-2017-7544 (https://nvd.nist.gov/vuln/detail/CVE-2017-7544):

libexif through 0.6.21 is vulnerable to out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c caused by improper length computation of the allocated data of an ExifMnote entry which can cause denial-of-service or possibly information disclosure.

References:

https://sourceforge.net/p/libexif/bugs/130/
https://sourceforge.net/p/libexif/bugs/_discuss/thread/fc394c4b/489a/attachment/xx.pat
Comment 1 D'juan McDonald (domhnall) 2017-09-30 05:30:51 UTC
@maintainer(s), both vulnerable and possible fixed versions are in tree. please call for stabilization if needed. 

Gentoo Security Padawan
Daj Uan (jmbailey/mbailey_j)
Comment 2 Larry the Git Cow gentoo-dev 2018-09-18 09:23:03 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=96e70c303fbdd5949b7235132de1d4bf4a88a950

commit 96e70c303fbdd5949b7235132de1d4bf4a88a950
Author:     Andreas Sturmlechner <asturm@gentoo.org>
AuthorDate: 2018-09-18 09:20:08 +0000
Commit:     Andreas Sturmlechner <asturm@gentoo.org>
CommitDate: 2018-09-18 09:22:45 +0000

    media-libs/libexif: Fix CVE-2017-7544
    
    Bug: https://bugs.gentoo.org/631850
    Package-Manager: Portage-2.3.49, Repoman-2.3.10

 .../files/libexif-0.6.21-CVE-2017-7544.patch       | 30 ++++++++++++++++++++++
 media-libs/libexif/libexif-0.6.21-r2.ebuild        |  5 +++-
 2 files changed, 34 insertions(+), 1 deletion(-)
Comment 3 Andreas Sturmlechner gentoo-dev 2018-09-18 09:24:27 UTC
oh well...
Comment 4 Matt Turner gentoo-dev 2018-09-18 17:15:59 UTC
ppc/ppc64 stable
Comment 5 Mikle Kolyada archtester Gentoo Infrastructure gentoo-dev Security 2018-09-19 07:42:47 UTC
amd64 stable
Comment 6 Rolf Eike Beer 2018-09-19 16:19:09 UTC
sparc done.
Comment 7 Thomas Deutschmann gentoo-dev Security 2018-09-19 17:36:30 UTC
x86 stable
Comment 8 Sergei Trofimovich gentoo-dev 2018-09-22 11:47:05 UTC
ia64 stable
Comment 9 Markus Meier gentoo-dev 2018-09-24 18:12:52 UTC
arm stable
Comment 10 Tobias Klausmann gentoo-dev 2018-10-02 10:59:09 UTC
Stable on alpha.
Comment 11 Andreas Sturmlechner gentoo-dev 2018-10-05 20:36:49 UTC
No revdeps for sh and s390.
Comment 12 Mikle Kolyada archtester Gentoo Infrastructure gentoo-dev Security 2018-10-12 16:10:49 UTC
hppa lost stable
Comment 13 Mikle Kolyada archtester Gentoo Infrastructure gentoo-dev Security 2018-10-12 16:12:25 UTC
GLSA vote: no