Detections
Analytics
RHEL 7 : exiv2 (RHSA-2019:2101)
high Nessus Plugin ID 127672
Language:
Synopsis
The remote Red Hat host is missing one or more security updates.Description
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2101 advisory.The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments.
The following packages have been upgraded to a later upstream version: exiv2 (0.27.0). (BZ#1652637)
Security Fix(es):
* exiv2: heap-buffer-overflow in Exiv2::IptcData::printStructure in src/iptc.cpp (CVE-2017-17724)
* exiv2: out-of-bounds read in Exiv2::Internal::stringFormat image.cpp (CVE-2018-8976)
* exiv2: invalid memory access in Exiv2::Internal::printCsLensFFFF function in canonmn_int.cpp (CVE-2018-8977)
* exiv2: out of bounds read in IptcData::printStructure in iptc.c (CVE-2018-9305)
* exiv2: OOB read in pngimage.cpp:tEXtToDataBuf() allows for crash via crafted file (CVE-2018-10772)
* exiv2: SIGABRT caused by memory allocation in types.cpp:Exiv2::Internal::PngChunk::zlibUncompress() (CVE-2018-10958)
* exiv2: SIGABRT by triggering an incorrect Safe::add call (CVE-2018-10998)
* exiv2: information leak via a crafted file (CVE-2018-11037)
* exiv2: integer overflow in getData function in preview.cpp (CVE-2018-12264)
* exiv2: integer overflow in the LoaderExifJpeg class in preview.cpp (CVE-2018-12265)
* exiv2: heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp (CVE-2018-14046)
* exiv2: NULL pointer dereference in Exiv2::DataValue::copy in value.cpp leading to application crash (CVE-2018-17282)
* exiv2: Stack overflow in CiffDirectory::readDirectory() at crwimage_int.cpp leading to denial of service (CVE-2018-17581)
* exiv2: infinite loop in Exiv2::Image::printIFDStructure function in image.cpp (CVE-2018-18915)
* exiv2: heap-based buffer over-read in Exiv2::IptcParser::decode in iptc.cpp (CVE-2018-19107)
* exiv2: infinite loop in Exiv2::PsdImage::readMetadata in psdimage.cpp (CVE-2018-19108)
* exiv2: heap-based buffer over-read in PngChunk::readRawProfile in pngchunk_int.cpp (CVE-2018-19535)
* exiv2: NULL pointer dereference in Exiv2::isoSpeed in easyaccess.cpp (CVE-2018-19607)
* exiv2: Heap-based buffer over-read in Exiv2::tEXtToDataBuf function resulting in a denial of service (CVE-2018-20096)
* exiv2: Segmentation fault in Exiv2::Internal::TiffParserWorker::findPrimaryGroups function (CVE-2018-20097)
* exiv2: Heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header resulting in a denial of service (CVE-2018-20098)
* exiv2: Infinite loop in Exiv2::Jp2Image::encodeJp2Header resulting in a denial of service (CVE-2018-20099)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.
Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.See Also
http://www.nessus.org/u?b347d973
http://www.nessus.org/u?cc7115e8
https://access.redhat.com/errata/RHSA-2019:2101
https://access.redhat.com/security/updates/classification/#low
https://bugzilla.redhat.com/show_bug.cgi?id=1465061
https://bugzilla.redhat.com/show_bug.cgi?id=1470729
https://bugzilla.redhat.com/show_bug.cgi?id=1470737
https://bugzilla.redhat.com/show_bug.cgi?id=1470913
https://bugzilla.redhat.com/show_bug.cgi?id=1470946
https://bugzilla.redhat.com/show_bug.cgi?id=1470950
https://bugzilla.redhat.com/show_bug.cgi?id=1471772
https://bugzilla.redhat.com/show_bug.cgi?id=1473888
https://bugzilla.redhat.com/show_bug.cgi?id=1473889
https://bugzilla.redhat.com/show_bug.cgi?id=1475123
https://bugzilla.redhat.com/show_bug.cgi?id=1475124
https://bugzilla.redhat.com/show_bug.cgi?id=1482295
https://bugzilla.redhat.com/show_bug.cgi?id=1482296
https://bugzilla.redhat.com/show_bug.cgi?id=1482423
https://bugzilla.redhat.com/show_bug.cgi?id=1494443
https://bugzilla.redhat.com/show_bug.cgi?id=1494467
https://bugzilla.redhat.com/show_bug.cgi?id=1494776
https://bugzilla.redhat.com/show_bug.cgi?id=1494778
https://bugzilla.redhat.com/show_bug.cgi?id=1494780
https://bugzilla.redhat.com/show_bug.cgi?id=1494781
https://bugzilla.redhat.com/show_bug.cgi?id=1494782
https://bugzilla.redhat.com/show_bug.cgi?id=1494786
https://bugzilla.redhat.com/show_bug.cgi?id=1494787
https://bugzilla.redhat.com/show_bug.cgi?id=1495043
https://bugzilla.redhat.com/show_bug.cgi?id=1524104
https://bugzilla.redhat.com/show_bug.cgi?id=1524107
https://bugzilla.redhat.com/show_bug.cgi?id=1524116
https://bugzilla.redhat.com/show_bug.cgi?id=1525055
https://bugzilla.redhat.com/show_bug.cgi?id=1537353
https://bugzilla.redhat.com/show_bug.cgi?id=1545237
https://bugzilla.redhat.com/show_bug.cgi?id=1561213
https://bugzilla.redhat.com/show_bug.cgi?id=1561217
https://bugzilla.redhat.com/show_bug.cgi?id=1566260
https://bugzilla.redhat.com/show_bug.cgi?id=1566735
https://bugzilla.redhat.com/show_bug.cgi?id=1578659
https://bugzilla.redhat.com/show_bug.cgi?id=1579481
https://bugzilla.redhat.com/show_bug.cgi?id=1579544
https://bugzilla.redhat.com/show_bug.cgi?id=1590993
https://bugzilla.redhat.com/show_bug.cgi?id=1590994
https://bugzilla.redhat.com/show_bug.cgi?id=1594627
https://bugzilla.redhat.com/show_bug.cgi?id=1601628
https://bugzilla.redhat.com/show_bug.cgi?id=1632490
https://bugzilla.redhat.com/show_bug.cgi?id=1635045
https://bugzilla.redhat.com/show_bug.cgi?id=1646555
https://bugzilla.redhat.com/show_bug.cgi?id=1649094
https://bugzilla.redhat.com/show_bug.cgi?id=1649101
https://bugzilla.redhat.com/show_bug.cgi?id=1652637
https://bugzilla.redhat.com/show_bug.cgi?id=1656187
https://bugzilla.redhat.com/show_bug.cgi?id=1656195
https://bugzilla.redhat.com/show_bug.cgi?id=1660423
https://bugzilla.redhat.com/show_bug.cgi?id=1660424
https://bugzilla.redhat.com/show_bug.cgi?id=1660425
Plugin Details
Severity: High
ID: 127672
File Name: redhat-RHSA-2019-2101.nasl
Version: 1.9
Type: local
Agent: unix
Family: Red Hat Local Security Checks
Published: 8/12/2019
Updated: 11/6/2024
Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
Vendor
Vendor Severity: Low
CVSS v2
Risk Factor: Medium
Base Score: 6.8
Temporal Score: 5.3
Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS Score Source: CVE-2019-9143
CVSS v3
Risk Factor: High
Base Score: 8.8
Temporal Score: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
Vulnerability Information
CPE: p-cpe:/a:redhat:enterprise_linux:exiv2-doc, p-cpe:/a:redhat:enterprise_linux:exiv2-devel, cpe:/o:redhat:enterprise_linux:7, p-cpe:/a:redhat:enterprise_linux:exiv2-libs, p-cpe:/a:redhat:enterprise_linux:exiv2
Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 8/6/2019
Vulnerability Publication Date: 2/12/2018
Reference Information
CVE: CVE-2017-17724, CVE-2018-10772, CVE-2018-10958, CVE-2018-10998, CVE-2018-10999, CVE-2018-11037, CVE-2018-12264, CVE-2018-12265, CVE-2018-14046, CVE-2018-17282, CVE-2018-17581, CVE-2018-18915, CVE-2018-19107, CVE-2018-19108, CVE-2018-19535, CVE-2018-19607, CVE-2018-20096, CVE-2018-20097, CVE-2018-20098, CVE-2018-20099, CVE-2018-4868, CVE-2018-8976, CVE-2018-8977, CVE-2018-9305, CVE-2019-9143