Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 679486 (CVE-2018-17581, CVE-2018-19108, CVE-2018-19535, CVE-2019-9143, CVE-2019-9144) - <media-gfx/exiv2-0.27.0: multiple vulnerabilities
Summary: <media-gfx/exiv2-0.27.0: multiple vulnerabilities
Status: RESOLVED FIXED
Alias: CVE-2018-17581, CVE-2018-19108, CVE-2018-19535, CVE-2019-9143, CVE-2019-9144
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B3 [noglsa cve]
Keywords:
Depends on: 678426
Blocks:
  Show dependency tree
 
Reported: 2019-03-05 01:53 UTC by D'juan McDonald (domhnall)
Modified: 2023-01-15 04:05 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description D'juan McDonald (domhnall) 2019-03-05 01:53:50 UTC
(https://nvd.nist.gov/vuln/detail/CVE-2019-9144):
An issue was discovered in Exiv2 0.27. There is infinite recursion at BigTiffImage::printIFD in the file bigtiffimage.cpp. This can be triggered by a crafted file. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact.

Upstream Reference: https://github.com/Exiv2/exiv2/issues/712


(https://nvd.nist.gov/vuln/detail/CVE-2019-9143):
An issue was discovered in Exiv2 0.27. There is infinite recursion at Exiv2::Image::printTiffStructure in the file image.cpp. This can be triggered by a crafted file. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact.

Upstream Reference: https://github.com/Exiv2/exiv2/issues/711



Gentoo Security Padawan
(domhnall)
Comment 1 Andreas Sturmlechner gentoo-dev 2019-03-06 17:59:36 UTC
With media-gfx/exiv2-0.27.0-r2 we are not affected:

$ exiv2 -b -u -k -p R pr
exiv2: Action not available in Release mode: 'R'

Cleanup currently depends on darktable-2.6.0 stabilisation.
Comment 2 Aaron Bauman (RETIRED) gentoo-dev 2019-03-11 04:07:29 UTC
@maintainers, please drop the vulnerable
Comment 3 Michael Palimaka (kensington) gentoo-dev 2019-03-11 06:15:18 UTC
Cleanup done.
Comment 4 Aaron Bauman (RETIRED) gentoo-dev 2019-03-11 06:33:41 UTC
(In reply to Michael Palimaka (kensington) from comment #3)
> Cleanup done.

Thanks, Michael!
Comment 5 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-01-15 04:05:28 UTC
CVE-2018-19535 (https://github.com/Exiv2/exiv2/issues/428):

In Exiv2 0.26 and previous versions, PngChunk::readRawProfile in pngchunk_int.cpp may cause a denial of service (application crash due to a heap-based buffer over-read) via a crafted PNG file.

CVE-2018-19108 (https://github.com/Exiv2/exiv2/issues/426):

In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer from a denial of service (infinite loop) caused by an integer overflow via a crafted PSD image file.

CVE-2018-17581 (https://github.com/Exiv2/exiv2/issues/460):

CiffDirectory::readDirectory() at crwimage_int.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service.