Huawei EulerOS: Security Advisory for exiv2 (EulerOS-SA-2019-2144)

Published: 2020-01-23 12:36:15
CVE Author: NIST National Vulnerability Database (NVD)

CVSS Base Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Summary:
The remote host is missing an update for the Huawei EulerOS 'exiv2' Linux Distribution Package(s) announced via the EulerOS-SA-2019-2144 advisory.

Detection Method:
Checks if a vulnerable Linux Distribution Package version is present on the target host.

Technical Details:
Exiv2 0.26 has a heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp.(CVE-2018-14046) There is a heap-based buffer over-read in the Exiv2::tEXtToDataBuf function of pngimage.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.(CVE-2018-20096) There is a heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.(CVE-2018-20098) There is an infinite loop in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.(CVE-2018-20099) A PngChunk::parseChunkContent uncontrolled memory allocation in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (crash due to an std::bad_alloc exception) via a crafted PNG image file.(CVE-2019-13112) CiffDirectory::readDirectory() at crwimage_int.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service.(CVE-2018-17581) In Exiv2 0.26 and previous versions, PngChunk::readRawProfile in pngchunk_int.cpp may cause a denial of service (application crash due to a heap-based buffer over-read) via a crafted PNG file.(CVE-2018-19535) In types.cpp in Exiv2 0.26, a large size value may lead to a SIGABRT during an attempt at memory allocation for an Exiv2::Internal::PngChunk::zlibUncompress call.(CVE-2018-10958) An issue was discovered in Exiv2 0.26. readMetadata in jp2image.cpp allows remote attackers to cause a denial of service (SIGABRT) by triggering an incorrect Safe::add call.(CVE-2018-10998) An issue was discovered in Exiv2 0.26. The Exiv2::Internal::PngChunk::parseTXTChunk function has a heap-based buffer over-read.(CVE-2018-10999) In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer from a denial of service (infinite loop) caused by an integer overflow via a crafted PSD image file.(CVE-2018-19108) In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from psdimage.cpp in the PSD image reader) may suffer from a denial of service (heap-based buffer over-read) caused by an integer overflow via a crafted PSD image file.(CVE-2018-19107) An issue was discovered in Exiv2 v0.26. The function Exiv2::DataValue::copy in value.cpp has a NULL pointer dereference.(CVE-2018-17282) exiv2 0.26 contains a Stack out of bounds read in webp parser(CVE-2017-1000126) In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::Image::byteSwap4 function in image.cpp. Remote attackers can exploit this vulnerability to disclose memory data or cause a denial of service via a crafted TIFF file.(CVE-2017-17723) Exiv2 0.26 has a heap-based buffer overflow in getData in preview.cpp.(CVE-2018-11531)

Affected Versions:
'exiv2' Linux Distribution Package(s) on Huawei EulerOS V2.0SP5.

Recommendations:
Please install the updated Linux Distribution Package(s).

Solution Type:
Vendor Patch

Detection Type:
Linux Distribution Package

NIST (National Institute of Standards and Technology) NVD (National Vulnerability Database)

https://nvd.nist.gov/vuln/detail/CVE-2017-1000126
https://nvd.nist.gov/vuln/detail/CVE-2017-17723
https://nvd.nist.gov/vuln/detail/CVE-2018-10958
https://nvd.nist.gov/vuln/detail/CVE-2018-10998
https://nvd.nist.gov/vuln/detail/CVE-2018-10999
https://nvd.nist.gov/vuln/detail/CVE-2018-11531
https://nvd.nist.gov/vuln/detail/CVE-2018-14046
https://nvd.nist.gov/vuln/detail/CVE-2018-17282
https://nvd.nist.gov/vuln/detail/CVE-2018-17581
https://nvd.nist.gov/vuln/detail/CVE-2018-19107
https://nvd.nist.gov/vuln/detail/CVE-2018-19108
https://nvd.nist.gov/vuln/detail/CVE-2018-19535
https://nvd.nist.gov/vuln/detail/CVE-2018-20096
https://nvd.nist.gov/vuln/detail/CVE-2018-20098
https://nvd.nist.gov/vuln/detail/CVE-2018-20099
https://nvd.nist.gov/vuln/detail/CVE-2019-13112

References:

https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2144

Search
Severity
High
CVSS Score
7.5

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage your vulnerabilities. It is free and always will be.