Debian DLA-3186-1 : exiv2 - LTS security update

high Nessus Plugin ID 167277

Synopsis

The remote Debian host is missing one or more security-related updates.

Description

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3186 advisory.

- There is a reachable assertion in the Internal::TiffReader::visitDirectory function in tiffvisitor.cpp of Exiv2 0.26 that will lead to a remote denial of service attack via crafted input. (CVE-2017-11683)

- A buffer overflow vulnerability in the Databuf function in types.cpp of Exiv2 v0.27.1 leads to a denial of service (DOS). (CVE-2020-19716)

- A vulnerability was found in Exiv2. It has been classified as critical. Affected is the function QuickTimeVideo::userDataDecoder of the file quicktimevideo.cpp of the component QuickTime Video Handler.
The manipulation leads to integer overflow. It is possible to launch the attack remotely. The name of the patch is bf4f28b727bdedbd7c88179c30d360e54568a62e. It is recommended to apply a patch to fix this issue.
The identifier of this vulnerability is VDB-212496. (CVE-2022-3756)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade the exiv2 packages.

For Debian 10 buster, these problems have been fixed in version 0.25-4+deb10u3.

See Also

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876893

https://security-tracker.debian.org/tracker/source-package/exiv2

https://www.debian.org/lts/security/2022/dla-3186

https://security-tracker.debian.org/tracker/CVE-2017-11683

https://security-tracker.debian.org/tracker/CVE-2020-19716

https://security-tracker.debian.org/tracker/CVE-2022-3756

https://packages.debian.org/source/buster/exiv2

Plugin Details

Severity: High

ID: 167277

File Name: debian_DLA-3186.nasl

Version: 1.2

Type: local

Agent: unix

Published: 11/11/2022

Updated: 11/11/2022

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.2

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2020-19716

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

CVSS Score Source: CVE-2022-3756

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:libexiv2-doc, cpe:/o:debian:debian_linux:10.0, p-cpe:/a:debian:debian_linux:exiv2, p-cpe:/a:debian:debian_linux:libexiv2-dev, p-cpe:/a:debian:debian_linux:libexiv2-14

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Ease: No known exploits are available

Patch Publication Date: 11/10/2022

Vulnerability Publication Date: 7/27/2017

Reference Information

CVE: CVE-2017-11683, CVE-2020-19716, CVE-2022-3756