CVE-2017-14864 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Exiv2

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-190 — Integer Overflow or Wraparound CWE-125 — Out-of-bounds Read15 documents7 sources

Severity

6.5MEDIUMNVD

NVD5.5OSV7.5OSV5.5

EPSS

0.1%

top 69.74%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Exiv2 Debian Exiv2 Canonical Ubuntu Linux +1 more

Timeline

PublishedSep 29

Latest updateMay 14

Description

An Invalid memory address dereference was discovered in Exiv2::getULong in types.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

▶debiandebian/exiv2< exiv2 0.27.2-6 (bookworm)+1

▶Debianexiv2/exiv2< 0.27.2-6+3

▶Ubuntuexiv2/exiv2< 0.23-1ubuntu2.2+2

▶NVDexiv2/exiv20.26

Also affects: Debian Linux 10.0, Ubuntu Linux 14.04, 16.04, 18.04, 18.10

🔴Vulnerability Details

GHSA

GHSA-v685-q6m8-37cr: An Invalid memory address dereference was discovered in Exiv2::getULong in types↗2022-05-14

▶

GHSA

GHSA-qxcp-2wh8-fqw4: In Exiv2 0↗2022-05-14

▶

OSV

exiv2 vulnerabilities↗2019-01-10

▶

OSV

CVE-2017-14864: In Exiv2 0↗2018-02-12

▶

OSV

CVE-2017-14864: An Invalid memory address dereference was discovered in Exiv2::getULong in types↗2017-09-29

▶

📋Vendor Advisories

Ubuntu

Exiv2 vulnerabilities↗2019-01-10

▶

Red Hat

exiv2: heap-based buffer over-read in Exiv2::getULong function in types.cpp↗2017-12-12

▶

Red Hat

exiv2: Invalid memory address dereference in Exiv2::getULong↗2017-09-22

▶

Debian

CVE-2017-14864: exiv2 - An Invalid memory address dereference was discovered in Exiv2::getULong in types...↗2017

▶

Debian

CVE-2017-17725: exiv2 - In Exiv2 0.26, there is an integer overflow leading to a heap-based buffer over-...↗2017

▶

💬Community

Bugzilla

CVE-2017-14864 exiv2: Invalid memory address dereference in Exiv2::getULong↗2017-10-10

▶

Bugzilla

Invalid memory address dereference in Exiv2::getULong(types.cpp:246)↗2017-09-22

▶

Bugzilla

CVE-2017-1000126 CVE-2017-1000127 CVE-2017-1000128 CVE-2017-11553 CVE-2017-11591 CVE-2017-11592 CVE-2017-11683 CVE-2017-12955 CVE-2017-12956 CVE-2017-12957 CVE-2017-14857 CVE-2017-14858 CVE-2017-14859↗2017-07-26

▶