Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE
jhead.8746
CVE-2018-6612.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2018-6612.patch of Package jhead.8746
From: Ludovic Rousseau <rousseau@debian.org> Date: Sat, 3 Feb 2018 10:23:09 +0100 Subject: Fix heap buffer overflow Upstream: dead Bug-Debian: http://bugs.debian.org/889272 Fixed an integer underflow bug in the process_EXIF function of the exif.c file of raises a heap-based buffer over-read when processing a malicious JPEGfile, which may allow a remote attacker to cause a DoS CVE-2018-6612 boo#1079349 --- jhead-3.00.orig/exif.c +++ jhead-3.00/exif.c @@ -1019,7 +1019,7 @@ void process_EXIF (unsigned char * ExifS FirstOffset = Get32u(ExifSection+12); if (FirstOffset < 8 || FirstOffset > 16){ - if (FirstOffset < 16 || FirstOffset > length-16){ + if (FirstOffset < 16 || length < 16 || FirstOffset > length-16){ ErrNonfatal("invalid offset for first Exif IFD value",0,0); return; }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor