CVE-2018-17088Integer Overflow or Wraparound in Jhead

CWE-190Integer Overflow or Wraparound7 documents5 sources
Severity
7.8HIGHNVD
EPSS
0.3%
top 51.16%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Jhead Project JheadDebian Jhead
Timeline
PublishedSep 16
Latest updateMay 13

Description

The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because there is an integer overflow during a check for whether a location exceeds the EXIF data length. This is analogous to the CVE-2016-3822 integer overflow in exif.c. This gpsinfo.c vulnerability is unrelated to the CVE-2018-16554 gpsinfo.c vulnerability.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages3 packages

debiandebian/jhead< jhead 1:3.00-8 (bookworm)
Debianjhead_project/jhead< 1:3.00-8+3

Patches

Patch: bugs.debian.orgPatch: bugs.debian.org

🔴Vulnerability Details

2
GHSA
GHSA-727r-rxp4-hwwc: The ProcessGpsInfo function of the gpsinfo2022-05-13
OSV
CVE-2018-17088: The ProcessGpsInfo function of the gpsinfo2018-09-16

📋Vendor Advisories

1
Debian
CVE-2018-17088: jhead - The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remo...2018

💬Community

3
Bugzilla
CVE-2018-17088 jhead: Integer overflow in gpsinfo.c while running jhead [fedora-all]2018-09-17
Bugzilla
CVE-2018-17088 jhead: Integer overflow in gpsinfo.c while running jhead2018-09-17
Bugzilla
CVE-2018-17088 jhead: Integer overflow in gpsinfo.c while running jhead [epel-all]2018-09-17
CVE-2018-17088 — Integer Overflow or Wraparound | cvebase