Advisories ยป MGASA-2018-0146

Updated jhead package fixes security vulnerability

Publication date: 26 Feb 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-6612

Description

Updated jhead package fixes security vulnerability:

An integer underflow bug in the process_EXIF function of the exif.c file of
jhead 3.00 raises a heap-based buffer over-read when processing a malicious JPEG
file, which may allow a remote attacker to cause a denial-of-service attack or
unspecified other impact (CVE-2018-6612).
                

References

SRPMS

6/core