CVE-2019-17402 — Classic Buffer Overflow in Exiv2

CWE-120 — Classic Buffer Overflow CWE-125 — Out-of-bounds Read9 documents8 sources

Severity

6.5MEDIUMNVD

EPSS

0.3%

top 50.61%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Exiv2 Debian Exiv2 Canonical Ubuntu Linux +4 more

Timeline

PublishedOct 9

Latest updateMay 24

Description

Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimage_int.cpp, because there is no validation of the relationship of the total size to the offset and size.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages6 packages

▶debiandebian/exiv2< exiv2 0.27.3-1 (bookworm)

▶Debianexiv2/exiv2< 0.27.3-1+3

▶NVDexiv2/exiv20.27.2

▶msrcmsrc/cbl2_exiv2_0.27.5-1_on_cbl_mariner_2.0

▶msrcmsrc/cbl_mariner_2.0_arm

Also affects: Debian Linux 10.0, 8.0, Ubuntu Linux 16.04, 18.04, 19.04, 19.10

🔴Vulnerability Details

GHSA

GHSA-xhv3-q5hx-88ww: Exiv2 0↗2022-05-24

▶

OSV

CVE-2019-17402: Exiv2 0↗2019-10-09

▶

📋Vendor Advisories

Ubuntu

Exiv2 vulnerability↗2019-10-21

▶

Microsoft

Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimage_int.cpp because there is no validation of th↗2019-10-08

▶

Red Hat

exiv2: out-of-bounds read in CiffDirectory::readDirectory due to lack of size check↗2019-10-06

▶

Debian

CVE-2019-17402: exiv2 - Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp...↗2019

▶

💬Community

Bugzilla

CVE-2019-17402 exiv2: no validation of the relationship of the total size to the offset and size leads to a crash [fedora-all]↗2019-11-18

▶

Bugzilla

CVE-2019-17402 exiv2: out-of-bounds read in CiffDirectory::readDirectory due to lack of size check↗2019-11-18

▶