Описание
An issue was discovered in libexif before 0.6.22. Use of uninitialized memory in EXIF Makernote handling could lead to crashes and potential use-after-free conditions.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| libexif | fixed | 0.6.21-9 | package | |
| libexif | fixed | 0.6.21-5.1+deb10u3 | buster | package |
| libexif | fixed | 0.6.21-2+deb9u3 | stretch | package |
Примечания
https://github.com/libexif/libexif/commit/ec412aa4583ad71ecabb967d3c77162760169d1f (0.6.22)
EPSS
Связанные уязвимости
An issue was discovered in libexif before 0.6.22. Use of uninitialized memory in EXIF Makernote handling could lead to crashes and potential use-after-free conditions.
An issue was discovered in libexif before 0.6.22. Use of uninitialized memory in EXIF Makernote handling could lead to crashes and potential use-after-free conditions.
An issue was discovered in libexif before 0.6.22. Use of uninitialized memory in EXIF Makernote handling could lead to crashes and potential use-after-free conditions.
An issue was discovered in libexif before 0.6.22. Use of uninitialized memory in EXIF Makernote handling could lead to crashes and potential use-after-free conditions.
Уязвимость библиотеки для грамматического разбора EXIF-файлов libexif, связанная с использованием памяти после её освобождения, позволяющая нарушителю получить доступ к конфиденциальным данным, а также вызвать отказ в обслуживании
EPSS