Описание
There is an out-of-bounds read in Exiv2::MrwImage::readMetadata in mrwimage.cpp in Exiv2 through 0.27.2.
A vulnerability was found in exiv2. An integer wraparound could lead to an out-of-bounds read in the way MemIo is implemented. Reading from the memory buffer with MemIo::Impl::read() reads data beyond the buffer’s limits. An attacker could abuse this flaw by providing a specially crafted image that when read, would cause the application to crash or to leak sensitive data.
Отчет
This issue did not affect the versions of exiv2 as shipped with Red Hat Enterprise Linux 7, and 8 as variables MemIo::Impl::size_ and MemIo::Impl::idx_ are of type long, making it impossible to trigger the integer wraparound that would lead to an out-of-bound read.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | exiv2 | Out of support scope | ||
| Red Hat Enterprise Linux 7 | exiv2 | Not affected | ||
| Red Hat Enterprise Linux 8 | exiv2 | Not affected |
Показывать по
Дополнительная информация
Статус:
6.5 Medium
CVSS3
Связанные уязвимости
There is an out-of-bounds read in Exiv2::MrwImage::readMetadata in mrwimage.cpp in Exiv2 through 0.27.2.
There is an out-of-bounds read in Exiv2::MrwImage::readMetadata in mrwimage.cpp in Exiv2 through 0.27.2.
There is an out-of-bounds read in Exiv2::MrwImage::readMetadata in mrw ...
There is an out-of-bounds read in Exiv2::MrwImage::readMetadata in mrwimage.cpp in Exiv2 through 0.27.2.
6.5 Medium
CVSS3