openSUSE Security Update : opencv (openSUSE-2018-492)

high Nessus Plugin ID 110066

Language:

Synopsis

The remote openSUSE host is missing a security update.

Description

This update for opencv fixes the following issues :

Security issues fixed :

- CVE-2016-1516: OpenCV had a double free issue that allowed attackers to execute arbitrary code.
(boo#1033152)

- CVE-2017-14136: OpenCV had an out-of-bounds write error in the function FillColorRow1 in utils.cpp when reading an image file by using cv::imread. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-12597. (boo#1057146)

- CVE-2017-12606: OpenCV had an out-of-bounds write error in the function FillColorRow4 in utils.cpp when reading an image file by using cv::imread. (boo#1052451)

- CVE-2017-12604: OpenCV had an out-of-bounds write error in the FillUniColor function in utils.cpp when reading an image file by using cv::imread. (boo#1052454)

- CVE-2017-12603: OpenCV had an invalid write in the cv::RLByteStream::getBytes function in modules/imgcodecs/src/bitstrm.cpp when reading an image file by using cv::imread, as demonstrated by the 2-opencv-heapoverflow-fseek test case. (boo#1052455)

- CVE-2017-12602: OpenCV had a denial of service (memory consumption) issue, as demonstrated by the 10-opencv-dos-memory-exhaust test case. (boo#1052456)

- CVE-2017-12601: OpenCV had a buffer overflow in the cv::BmpDecoder::readData function in modules/imgcodecs/src/grfmt_bmp.cpp when reading an image file by using cv::imread, as demonstrated by the 4-buf-overflow-readData-memcpy test case. (boo#1052457)

- CVE-2017-12600: OpenCV had a denial of service (CPU consumption) issue, as demonstrated by the 11-opencv-dos-cpu-exhaust test case. (boo#1052459)

- CVE-2017-12599: OpenCV had an out-of-bounds read error in the function icvCvt_BGRA2BGR_8u_C4C3R when reading an image file by using cv::imread. (boo#1052461)

- CVE-2017-12598: OpenCV had an out-of-bounds read error in the cv::RBaseStream::readBlock function in modules/imgcodecs/src/bitstrm.cpp when reading an image file by using cv::imread, as demonstrated by the 8-opencv-invalid-read-fread test case. (boo#1052462)

- CVE-2017-12597: OpenCV had an out-of-bounds write error in the function FillColorRow1 in utils.cpp when reading an image file by using cv::imread. (boo#1052465)

- CVE-2017-12864: In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function ReadNumber did not checkout the input length, which lead to integer overflow. If the image is from remote, may lead to remote code execution or denial of service.
(boo#1054019)

- CVE-2017-12863: In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function PxMDecoder::readData has an integer overflow when calculate src_pitch. If the image is from remote, may lead to remote code execution or denial of service.
(boo#1054020)

- CVE-2017-12862: In modules/imgcodecs/src/grfmt_pxm.cpp, the length of buffer AutoBuffer _src is small than expected, which will cause copy buffer overflow later.
If the image is from remote, may lead to remote code execution or denial of service. (boo#1054021)

- CVE-2017-12605: OpenCV had an out-of-bounds write error in the FillColorRow8 function in utils.cpp when reading an image file by using cv::imread. (boo#1054984)

Solution

Update the affected opencv packages.

See Also

https://bugzilla.opensuse.org/show_bug.cgi?id=1033152

https://bugzilla.opensuse.org/show_bug.cgi?id=1052451

https://bugzilla.opensuse.org/show_bug.cgi?id=1052454

https://bugzilla.opensuse.org/show_bug.cgi?id=1052455

https://bugzilla.opensuse.org/show_bug.cgi?id=1052456

https://bugzilla.opensuse.org/show_bug.cgi?id=1052457

https://bugzilla.opensuse.org/show_bug.cgi?id=1052459

https://bugzilla.opensuse.org/show_bug.cgi?id=1052461

https://bugzilla.opensuse.org/show_bug.cgi?id=1052462

https://bugzilla.opensuse.org/show_bug.cgi?id=1052465

https://bugzilla.opensuse.org/show_bug.cgi?id=1054019

https://bugzilla.opensuse.org/show_bug.cgi?id=1054020

https://bugzilla.opensuse.org/show_bug.cgi?id=1054021

https://bugzilla.opensuse.org/show_bug.cgi?id=1054984

https://bugzilla.opensuse.org/show_bug.cgi?id=1057146

Plugin Details

Severity: High

ID: 110066

File Name: openSUSE-2018-492.nasl

Version: 1.4

Type: local

Agent: unix

Published: 5/24/2018

Updated: 10/3/2024

Supported Sensors: Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2017-12864

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.9

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:opencv-devel, p-cpe:/a:novell:opensuse:python-opencv-qt5, p-cpe:/a:novell:opensuse:python3-opencv-debuginfo, p-cpe:/a:novell:opensuse:libopencv3_1-debuginfo, p-cpe:/a:novell:opensuse:python-opencv-debuginfo, p-cpe:/a:novell:opensuse:opencv-qt5-debuginfo, p-cpe:/a:novell:opensuse:python-opencv-qt5-debuginfo, p-cpe:/a:novell:opensuse:python3-opencv, p-cpe:/a:novell:opensuse:python3-opencv-qt5, p-cpe:/a:novell:opensuse:libopencv-qt56_3, p-cpe:/a:novell:opensuse:opencv-qt5, p-cpe:/a:novell:opensuse:opencv-qt5-debugsource, cpe:/o:novell:opensuse:42.3, p-cpe:/a:novell:opensuse:opencv-debugsource, p-cpe:/a:novell:opensuse:opencv, p-cpe:/a:novell:opensuse:libopencv3_1, p-cpe:/a:novell:opensuse:python-opencv, p-cpe:/a:novell:opensuse:opencv-debuginfo, p-cpe:/a:novell:opensuse:opencv-qt5-devel, p-cpe:/a:novell:opensuse:libopencv-qt56_3-debuginfo, p-cpe:/a:novell:opensuse:python3-opencv-qt5-debuginfo

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 5/23/2018

Reference Information

CVE: CVE-2016-1516, CVE-2017-12597, CVE-2017-12598, CVE-2017-12599, CVE-2017-12600, CVE-2017-12601, CVE-2017-12602, CVE-2017-12603, CVE-2017-12604, CVE-2017-12605, CVE-2017-12606, CVE-2017-12862, CVE-2017-12863, CVE-2017-12864, CVE-2017-14136