Alpine: "FreeImage": security update to 3.18.0-r1 (deprecated)

high Tenable Cloud Security Plugin ID 400480

Description

There are packages installed that are affected by multiple vulnerabilities referenced in the following CVEs:

- When FreeImage 3.18.0 reads a tiff file, it will be handed to the Load function of the PluginTIFF.cpp
file, but a memcpy occurs in which the destination address and the size of the copied data are not
considered, resulting in a heap overflow. (CVE-2019-12211)

- When FreeImage 3.18.0 reads a special JXR file, the StreamCalcIFDSize function of JXRMeta.c repeatedly
calls itself due to improper processing of the file, eventually causing stack exhaustion. An attacker can
achieve a remote denial of service attack by sending a specially constructed file. (CVE-2019-12212)

- When FreeImage 3.18.0 reads a special TIFF file, the TIFFReadDirectory function in PluginTIFF.cpp always
returns 1, leading to stack exhaustion. (CVE-2019-12213)

- In FreeImage 3.18.0, an out-of-bounds access occurs because of mishandling of the OpenJPEG j2k_read_ppm_v3
function in j2k.c. The value of l_N_ppm comes from the file read in, and the code does not consider that
l_N_ppm may be greater than the size of p_header_data. (CVE-2019-12214)

See Also

https://git.alpinelinux.org/aports/commit/?id=00b0467fc6117c5a73ebe8965c5412afbb91888c

https://git.alpinelinux.org/aports/commit/?id=ad4775b0fd02f3562a8aa5985daea8b08d974c9d

Plugin Details

Severity: High

ID: 400480

Version: Revision 1.22

Type: Local

Published: 8/16/2023

Updated: 1/17/2024

Supported Sensors: Agentless Assessment, Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: Low

Score: 3

Percentile: 23.51

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2019-12214

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 12/2/2019

Vulnerability Publication Date: 5/20/2019

Reference Information

CVE: CVE-2019-12211, CVE-2019-12212, CVE-2019-12213, CVE-2019-12214