Description
A flaw was found in libexif. When decoding MakerNotes, an integer underflow can occur in the exif_mnote_data_get_value function if a zero size is passed. This can lead to a buffer overwrite, potentially allowing an attacker to achieve arbitrary code execution, disclose sensitive information, or cause a denial of service (DoS).
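The zero-size underflow described above, as an added C example that is not libexif's code: `unchecked_bound` and `get_value_checked` are hypothetical names, and the `maxlen - 1` bound is an assumed illustration of the arithmetic, shown beside a form that rejects a zero size before subtracting.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for a MakerNote value formatter; NOT libexif source.
 * It shows the arithmetic the advisory describes: the copy bound is derived
 * as maxlen - 1 (room for the NUL), which wraps when maxlen is 0. */
size_t unchecked_bound(size_t maxlen)
{
    return maxlen - 1;            /* 0 - 1 wraps to SIZE_MAX for size_t */
}

/* Hardened form: reject a NULL or zero-sized output buffer before any
 * subtraction, then truncate to the space that really exists. */
char *get_value_checked(const char *src, char *val, size_t maxlen)
{
    if (src == NULL || val == NULL || maxlen == 0)
        return NULL;              /* nothing is written to val */
    size_t n = strlen(src);
    if (n > maxlen - 1)           /* safe: maxlen >= 1 here */
        n = maxlen - 1;
    memcpy(val, src, n);
    val[n] = '\0';
    return val;
}

int main(void)
{
    char out[8] = "XXXXXXX";      /* constructed sample buffer */
    printf("unchecked bound for size 0: %zu\n", unchecked_bound(0));
    printf("checked, size 0: %s\n",
           get_value_checked("Canon EOS", out, 0) ? "written" : "rejected");
    printf("checked, size 8: %s\n",
           get_value_checked("Canon EOS", out, sizeof out));
    return 0;
}
```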
Mitigation
To mitigate this issue, avoid processing untrusted image files that may contain specially crafted EXIF MakerNotes. Restrict the use of applications that process EXIF data to trusted sources only.
Affected packages
| Platform | Package | State | Recommendation | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | libexif | Fix deferred | | |
| Red Hat Enterprise Linux 6 | libexif | Fix deferred | | |
| Red Hat Enterprise Linux 7 | libexif | Fix deferred | | |
| Red Hat Enterprise Linux 8 | libexif | Fix deferred | | |
| Red Hat Enterprise Linux 9 | libexif | Fix deferred | | |
Additional information
Status:
5.3 Medium
CVSS3
Related vulnerabilities
libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exif_mnote_data_get_value function gets passed in a 0 size, the passed-in buffer would be overwritten due to an integer underflow.