Bug 1144348 – VUL-1: CVE-2019-14492: opencv: An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. There is an out of bounds read/write in the function HaarEvaluator:OptFeature:calc, which leads to denial of service

Bug 1144348 - (CVE-2019-14492) VUL-1: CVE-2019-14492: opencv: An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. There is an out of bounds read/write in the function HaarEvaluator:OptFeature:calc, which leads to denial of service

(CVE-2019-14492)
Summary:	VUL-1: CVE-2019-14492: opencv: An issue was discovered in OpenCV before 3.4.7...

Status:	RESOLVED FIXED

Classification:	Novell Products
Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents
Version:	unspecified
Hardware:	Other Other

Priority:	P4 - Low Severity: Normal
Target Milestone:	---
Assigned To:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/238721/
Whiteboard:	CVSSv2:NVD:CVE-2019-14492:6.4:(AV:N/A...
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Create test case

Clone This Bug

Reported:	2019-08-05 15:39 UTC by Wolfgang Frisch
Modified:	2022-01-12 14:45 UTC (History)
CC List:	2 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
opencv-321c74ccd6077bdea1d47450ca4fe955cb5b6330-fixes-CVE-2019-14491-and-CVE-2019-14492 (5.32 KB, patch) 2019-08-05 16:08 UTC, Wolfgang Frisch	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Wolfgang Frisch 2019-08-05 15:39:29 UTC

CVE-2019-14492

An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. There is an
out of bounds read/write in the function HaarEvaluator::OptFeature::calc in
modules/objdetect/src/cascadedetect.hpp, which leads to denial of service.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14492
http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-14492.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14492
http://www.cvedetails.com/cve/CVE-2019-14492/
https://github.com/opencv/opencv/issues/15124
https://github.com/opencv/opencv/compare/33b765d...4a7ca5a
https://github.com/opencv/opencv/compare/371bba8...ddbd10c

Comment 1 Wolfgang Frisch 2019-08-05 16:07:23 UTC

Following source code investigation, I conclude that opencv-3.3.1, shipped in SUSE:SLE-15:Update, is vulnerable.

Upstream patch for OpenCV-3.x:
https://github.com/opencv/opencv/pull/15150

Comment 2 Wolfgang Frisch 2019-08-05 16:08:13 UTC

Created attachment 812843 [details]
opencv-321c74ccd6077bdea1d47450ca4fe955cb5b6330-fixes-CVE-2019-14491-and-CVE-2019-14492

Comment 6 Swamp Workflow Management 2019-12-05 20:14:11 UTC

SUSE-SU-2019:3192-1: An update that solves three vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 1144348,1144352,1149742,1154091
CVE References: CVE-2019-14491,CVE-2019-14492,CVE-2019-15939
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP1 (src):    opencv-3.3.1-6.6.1
SUSE Linux Enterprise Workstation Extension 15 (src):    opencv-3.3.1-6.6.1
SUSE Linux Enterprise Module for Packagehub Subpackages 15 (src):    opencv-3.3.1-6.6.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    opencv-3.3.1-6.6.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src):    opencv-3.3.1-6.6.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 7 Swamp Workflow Management 2019-12-11 14:15:57 UTC

openSUSE-SU-2019:2671-1: An update that solves three vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 1144348,1144352,1149742,1154091
CVE References: CVE-2019-14491,CVE-2019-14492,CVE-2019-15939
Sources used:
openSUSE Leap 15.1 (src):    opencv-3.3.1-lp151.6.3.1

Comment 8 Swamp Workflow Management 2020-07-08 13:15:00 UTC

SUSE-SU-2019:3192-2: An update that solves three vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 1144348,1144352,1149742,1154091
CVE References: CVE-2019-14491,CVE-2019-14492,CVE-2019-15939
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP2 (src):    opencv-3.3.1-6.6.1
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP2 (src):    opencv-3.3.1-6.6.1
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP1 (src):    opencv-3.3.1-6.6.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 9 Wolfgang Frisch 2020-10-19 16:12:03 UTC

Released.