CVE-2021-32617

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An inefficient algorithm (quadratic complexity) was found in Exiv2 versions v0.27.3 and earlier. The inefficient algorithm is triggered when Exiv2 is used to write metadata into a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. The bug is fixed in version v0.27.4. Note that this bug is only triggered when _writing_ the metadata, which is a less frequently used Exiv2 operation than _reading_ the metadata. For example, to trigger the bug in the Exiv2 command-line application, you need to add an extra command-line argument such as `rm`.

References

https://github.com/Exiv2/exiv2/pull/1657

https://github.com/Exiv2/exiv2/security/advisories/GHSA-w8mv-g8qq-36mj

https://lists.fedoraproject.org/archives/list/[email protected]/message/5I3RRZUGSBIUYZ5TIHLN55PKMAWCSJ5G/

https://lists.fedoraproject.org/archives/list/[email protected]/message/M2BPQNJKTRIDINTVJ22QMMTIZEPHVKXK/

https://lists.fedoraproject.org/archives/list/[email protected]/message/RQAKFIQHW2AS3AGSJM42ABOA6CWIJBGM/

https://lists.fedoraproject.org/archives/list/[email protected]/message/TZ5SGWHK64TB7ADRSVBGHEPDFN5CSOO3/

Details

Source: MITRE

Published: 2021-05-17

Updated: 2021-06-10

Type: CWE-400

Risk Information

CVSS v2

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3

Base Score: 5.5

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 1.8

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:exiv2:exiv2:*:*:*:*:*:*:*:*

Tenable Plugins

View all (7 total)

IDNameProductFamilySeverity
155217RHEL 8 : exiv2 (RHSA-2021:4173)NessusRed Hat Local Security Checks
high
154372EulerOS 2.0 SP3 : exiv2 (EulerOS-SA-2021-2579)NessusHuawei Local Security Checks
high
153739EulerOS 2.0 SP5 : exiv2 (EulerOS-SA-2021-2495)NessusHuawei Local Security Checks
low
153280EulerOS 2.0 SP2 : exiv2 (EulerOS-SA-2021-2367)NessusHuawei Local Security Checks
critical
152325EulerOS 2.0 SP8 : exiv2 (EulerOS-SA-2021-2293)NessusHuawei Local Security Checks
high
151377FreeBSD : Exiv2 -- Multiple vulnerabilities (d49f86ab-d9c7-11eb-a200-00155d01f201)NessusFreeBSD Local Security Checks
high
149906Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 20.10 / 21.04 : Exiv2 vulnerabilities (USN-4964-1)NessusUbuntu Local Security Checks
high