Detections
Analytics
RHEL 7 : exiv2 (RHSA-2019:2101)
high Nessus Plugin ID 127672
Language:
Synopsis
The remote Red Hat host is missing one or more security updates.Description
An update for exiv2 is now available for Red Hat Enterprise Linux 7.Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link (s) in the References section.
The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments.
The following packages have been upgraded to a later upstream version:
exiv2 (0.27.0). (BZ#1652637)
Security Fix(es) :
* exiv2: heap-buffer-overflow in Exiv2::IptcData::printStructure in src/ iptc.cpp (CVE-2017-17724)
* exiv2: out-of-bounds read in Exiv2::Internal::stringFormat image.cpp (CVE-2018-8976)
* exiv2: invalid memory access in Exiv2::Internal::printCsLensFFFF function in canonmn_int.cpp (CVE-2018-8977)
* exiv2: out of bounds read in IptcData::printStructure in iptc.c (CVE-2018-9305)
* exiv2: OOB read in pngimage.cpp:tEXtToDataBuf() allows for crash via crafted file (CVE-2018-10772)
* exiv2: SIGABRT caused by memory allocation in types.cpp:Exiv2::Internal::PngChunk::zlibUncompress() (CVE-2018-10958)
* exiv2: SIGABRT by triggering an incorrect Safe::add call (CVE-2018-10998)
* exiv2: information leak via a crafted file (CVE-2018-11037)
* exiv2: integer overflow in getData function in preview.cpp (CVE-2018-12264)
* exiv2: integer overflow in the LoaderExifJpeg class in preview.cpp (CVE-2018-12265)
* exiv2: heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp (CVE-2018-14046)
* exiv2: NULL pointer dereference in Exiv2::DataValue::copy in value.cpp leading to application crash (CVE-2018-17282)
* exiv2: Stack overflow in CiffDirectory::readDirectory() at crwimage_int.cpp leading to denial of service (CVE-2018-17581)
* exiv2: infinite loop in Exiv2::Image::printIFDStructure function in image.cpp (CVE-2018-18915)
* exiv2: heap-based buffer over-read in Exiv2::IptcParser::decode in iptc.cpp (CVE-2018-19107)
* exiv2: infinite loop in Exiv2::PsdImage::readMetadata in psdimage.cpp (CVE-2018-19108)
* exiv2: heap-based buffer over-read in PngChunk::readRawProfile in pngchunk_int.cpp (CVE-2018-19535)
* exiv2: NULL pointer dereference in Exiv2::isoSpeed in easyaccess.cpp (CVE-2018-19607)
* exiv2: Heap-based buffer over-read in Exiv2::tEXtToDataBuf function resulting in a denial of service (CVE-2018-20096)
* exiv2: Segmentation fault in Exiv2::Internal::TiffParserWorker::findPrimaryGroups function (CVE-2018-20097)
* exiv2: Heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header resulting in a denial of service (CVE-2018-20098)
* exiv2: Infinite loop in Exiv2::Jp2Image::encodeJp2Header resulting in a denial of service (CVE-2018-20099)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes :
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.
Solution
Update the affected packages.See Also
http://www.nessus.org/u?3395ff0b
https://access.redhat.com/errata/RHSA-2019:2101
https://access.redhat.com/security/cve/cve-2017-17724
https://access.redhat.com/security/cve/cve-2018-8976
https://access.redhat.com/security/cve/cve-2018-8977
https://access.redhat.com/security/cve/cve-2018-9305
https://access.redhat.com/security/cve/cve-2018-10772
https://access.redhat.com/security/cve/cve-2018-10958
https://access.redhat.com/security/cve/cve-2018-10998
https://access.redhat.com/security/cve/cve-2018-10999
https://access.redhat.com/security/cve/cve-2018-11037
https://access.redhat.com/security/cve/cve-2018-12264
https://access.redhat.com/security/cve/cve-2018-12265
https://access.redhat.com/security/cve/cve-2018-14046
https://access.redhat.com/security/cve/cve-2018-17282
https://access.redhat.com/security/cve/cve-2018-17581
https://access.redhat.com/security/cve/cve-2018-18915
https://access.redhat.com/security/cve/cve-2018-19107
https://access.redhat.com/security/cve/cve-2018-19108
https://access.redhat.com/security/cve/cve-2018-19535
https://access.redhat.com/security/cve/cve-2018-19607
https://access.redhat.com/security/cve/cve-2018-20096
https://access.redhat.com/security/cve/cve-2018-20097
Plugin Details
Severity: High
ID: 127672
File Name: redhat-RHSA-2019-2101.nasl
Version: 1.6
Type: local
Agent: unix
Family: Red Hat Local Security Checks
Published: 8/12/2019
Updated: 1/6/2020
Supported Sensors: Frictionless Assessment Azure, Agentless Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Nessus Agent
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: Medium
Base Score: 6.8
Temporal Score: 5
Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS v3
Risk Factor: High
Base Score: 8.8
Temporal Score: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: p-cpe:/a:redhat:enterprise_linux:exiv2, p-cpe:/a:redhat:enterprise_linux:exiv2-debuginfo, p-cpe:/a:redhat:enterprise_linux:exiv2-devel, p-cpe:/a:redhat:enterprise_linux:exiv2-doc, p-cpe:/a:redhat:enterprise_linux:exiv2-libs, cpe:/o:redhat:enterprise_linux:7
Required KB Items: Host/local_checks_enabled, Host/RedHat/rpm-list, Host/cpu, Host/RedHat/release
Exploit Ease: No known exploits are available
Patch Publication Date: 8/6/2019
Vulnerability Publication Date: 2/12/2018
Reference Information
CVE: CVE-2017-17724, CVE-2018-10772, CVE-2018-10958, CVE-2018-10998, CVE-2018-10999, CVE-2018-11037, CVE-2018-12264, CVE-2018-12265, CVE-2018-14046, CVE-2018-17282, CVE-2018-17581, CVE-2018-18915, CVE-2018-19107, CVE-2018-19108, CVE-2018-19535, CVE-2018-19607, CVE-2018-20096, CVE-2018-20097, CVE-2018-20098, CVE-2018-20099, CVE-2018-8976, CVE-2018-8977, CVE-2018-9305
RHSA: 2019:2101