Bug 1061025 - (CVE-2017-14858) VUL-1: CVE-2017-14858: exiv2: It is a heap-buffer-overflow in Exiv2::l2Data (types.cpp:398)
(CVE-2017-14858)
VUL-1: CVE-2017-14858: exiv2: It is a heap-buffer-overflow in Exiv2::l2Data (...
Status: NEW
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Minor
: ---
Assigned To: Dirk Mueller
Security Team bot
https://smash.suse.de/issue/192616/
CVSSv3.1:SUSE:CVE-2017-14858:3.3:(AV:...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2017-09-29 08:51 UTC by Victor Pereira
Modified: 2022-08-12 07:16 UTC (History)
6 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---
gabriele.sonnu: needinfo? (dmueller)


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Victor Pereira 2017-09-29 08:51:35 UTC
rh#1494782

There is a heap-based buffer overflow in the Exiv2::l2Data function of types.cpp
in Exiv2 0.26. A Crafted input will lead to a denial of service attack.

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1494782
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14858
http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-14858.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14858
Comment 5 Dirk Mueller 2020-03-23 17:01:29 UTC
this was fixed in https://github.com/Exiv2/exiv2/issues/138 which was fixed in the maintenance update:
-------------------------------------------------------------------
Wed May 30 11:36:20 UTC 2018 - dmueller@suse.com

- update to latest 0.26 branch:
  * obsoletes 0001-Use-more-GNUInstallDirs.patch
  d4e4288d839d0d9546a05986771f8738c382060c.patch
  gcc-version-check.patch
  7f5b0778fa301b68c1c88e3820ec3afbd09dd0a5.patch
  fix-crash.patch
  * adds exiv2-update-to-0.26-branch.patch
  * Fixes CVE-2017-14864 (bsc#1060995),
  CVE-2017-14862 (bsc#1060996), CVE-2017-14859 (bsc#1061000)
  CVE-2017-14860 (bsc#1048883), CVE-2017-11337 (bsc#1048883),
  CVE-2017-11338 (bsc#1048883), CVE-2017-11339 (bsc#1048883),
  CVE-2017-11340 (bsc#1048883), CVE-2017-11553,
  CVE-2017-12955 (bsc#1054593), CVE-2017-12956,
  CVE-2017-12957, CVE-2017-11683, CVE-2017-11592,
  CVE-2017-11591 (bsc#1050257)