Updated libexif packages fix security vulnerability
Publication date: 27 May 2020Modification date: 27 May 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2020-0093 , CVE-2020-13112 , CVE-2020-13113 , CVE-2020-13114
Description
The updated packages fix a security vulnerability: In exif_data_save_data_entry of exif-data.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. (CVE-2020-0093) exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error (CVE-2020-12767). An issue was discovered in libexif before 0.6.22. Several buffer over-reads in EXIF MakerNote handling could lead to information disclosure and crashes (CVE-2020-13112). An issue was discovered in libexif before 0.6.22. Use of uninitialized memory in EXIF Makernote handling could lead to crashes and potential use-after-free conditions (CVE-2020-13113). An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data (CVE-2020-13114). The libexif package has been updated to version 0.6.22, fixing these issues and other bugs. Also, the exif package has been updated to version 0.6.22. See the upstream NEWS files for details.
References
- https://bugs.mageia.org/show_bug.cgi?id=26650
- https://www.debian.org/lts/security/2020/dla-2214
- https://github.com/libexif/libexif/blob/libexif-0_6_22-release/NEWS
- https://github.com/libexif/exif/blob/exif-0_6_22-release/NEWS
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0093
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13112
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13113
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13114
SRPMS
7/core
- libexif-0.6.22-1.mga7
- exif-0.6.22-1.mga7