openSUSE Security Update : exiv2 (openSUSE-2020-482)

high Nessus Plugin ID 135384

Language:

Synopsis

The remote openSUSE host is missing a security update.

Description

This update for exiv2 fixes the following issues :

exiv2 was updated to latest 0.26 branch, fixing bugs and security issues :

- CVE-2017-1000126: Fixed an out of bounds read in webp parser (bsc#1068873).

- CVE-2017-9239: Fixed a segmentation fault in TiffImageEntry::doWriteImage function (bsc#1040973).

- CVE-2018-12264: Fixed an integer overflow in LoaderTiff::getData() which might have led to an out-of-bounds read (bsc#1097600).

- CVE-2018-12265: Fixed integer overflows in LoaderExifJpeg which could have led to memory corruption (bsc#1097599).

- CVE-2018-17229: Fixed a heap based buffer overflow in Exiv2::d2Data via a crafted image (bsc#1109175).

- CVE-2018-17230: Fixed a heap based buffer overflow in Exiv2::d2Data via a crafted image (bsc#1109176).

- CVE-2018-17282: Fixed a NULL pointer dereference in Exiv2::DataValue::copy (bsc#1109299).

- CVE-2018-19108: Fixed an integer overflow in Exiv2::PsdImage::readMetadata which could have led to infinite loop (bsc#1115364).

- CVE-2018-19607: Fixed a NULL pointer dereference in Exiv2::isoSpeed which might have led to denial of service (bsc#1117513).

- CVE-2018-9305: Fixed an out of bounds read in IptcData::printStructure which might have led to to information leak or denial of service (bsc#1088424).

- CVE-2019-13114: Fixed a NULL pointer dereference which might have led to denial of service via a crafted response of an malicious http server (bsc#1142684).

This update was imported from the SUSE:SLE-15:Update update project.

Solution

Update the affected exiv2 packages.

See Also

https://bugzilla.opensuse.org/show_bug.cgi?id=1109175

https://bugzilla.opensuse.org/show_bug.cgi?id=1109176

https://bugzilla.opensuse.org/show_bug.cgi?id=1109299

https://bugzilla.opensuse.org/show_bug.cgi?id=1115364

https://bugzilla.opensuse.org/show_bug.cgi?id=1117513

https://bugzilla.opensuse.org/show_bug.cgi?id=1142684

https://bugzilla.opensuse.org/show_bug.cgi?id=1040973

https://bugzilla.opensuse.org/show_bug.cgi?id=1068873

https://bugzilla.opensuse.org/show_bug.cgi?id=1088424

https://bugzilla.opensuse.org/show_bug.cgi?id=1097599

https://bugzilla.opensuse.org/show_bug.cgi?id=1097600

Plugin Details

Severity: High

ID: 135384

File Name: openSUSE-2020-482.nasl

Version: 1.3

Type: local

Agent: unix

Published: 4/10/2020

Updated: 3/19/2024

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2018-12265

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.9

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:exiv2, p-cpe:/a:novell:opensuse:exiv2-debuginfo, p-cpe:/a:novell:opensuse:exiv2-debugsource, p-cpe:/a:novell:opensuse:exiv2-lang, p-cpe:/a:novell:opensuse:libexiv2-26, p-cpe:/a:novell:opensuse:libexiv2-26-32bit, p-cpe:/a:novell:opensuse:libexiv2-26-32bit-debuginfo, p-cpe:/a:novell:opensuse:libexiv2-26-debuginfo, p-cpe:/a:novell:opensuse:libexiv2-devel, cpe:/o:novell:opensuse:15.1

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 4/8/2020

Vulnerability Publication Date: 5/26/2017

Reference Information

CVE: CVE-2017-1000126, CVE-2017-9239, CVE-2018-12264, CVE-2018-12265, CVE-2018-17229, CVE-2018-17230, CVE-2018-17282, CVE-2018-19108, CVE-2018-19607, CVE-2018-9305, CVE-2019-13114