Updated openexr packages fix security vulnerabilities
Publication date: 10 Jan 2021Type: security
Affected Mageia releases : 7
CVE: CVE-2020-15304 , CVE-2020-15305 , CVE-2020-15306 , CVE-2020-16587 , CVE-2020-16588 , CVE-2020-16589
Description
An issue was discovered in OpenEXR before 2.5.2. An invalid tiled input file could cause invalid memory access in TiledInputFile::TiledInputFile() in IlmImf/ImfTiledInputFile.cpp, as demonstrated by a NULL pointer dereference (CVE-2020-15304). An issue was discovered in OpenEXR before 2.5.2. Invalid input could cause a use-after-free in DeepScanLineInputFile::DeepScanLineInputFile() in IlmImf/ImfDeepScanLineInputFile.cpp (CVE-2020-15305). An issue was discovered in OpenEXR before v2.5.2. Invalid chunkCount attributes could cause a heap buffer overflow in getChunkOffsetTableSize() in IlmImf/ImfMisc.cpp (CVE-2020-15306). A heap-based buffer overflow vulnerability exists in Academy Software Foundation OpenEXR 2.3.0 in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp that can cause a denial of service via a crafted EXR file (CVE-2020-16587). A Null Pointer Deference issue exists in Academy Software Foundation OpenEXR 2.3.0 in generatePreview in makePreview.cpp that can cause a denial of service via a crafted EXR file (CVE-2020-16588). A head-based buffer overflow exists in Academy Software Foundation OpenEXR 2.3.0 in writeTileData in ImfTiledOutputFile.cpp that can cause a denial of service via a crafted EXR file (CVE-2020-16589).
References
- https://bugs.mageia.org/show_bug.cgi?id=26914
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/LKDRVXORM2VLNHRLFKS3JHRABSHZ5W5M/
- https://ubuntu.com/security/notices/USN-4418-1
- https://ubuntu.com/security/notices/USN-4676-1
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15304
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15305
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15306
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16587
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16588
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16589
SRPMS
7/core
- openexr-2.3.0-2.3.mga7