MGASA-2021-0252 - Updated exif packages fix a security vulnerability

Publication date: 13 Jun 2021
URL: https://advisories.mageia.org/MGASA-2021-0252.html
Type: security
Affected Mageia releases: 7, 8
CVE: CVE-2021-27815

A NULL pointer dereference in the exif command line tool, when printing out
XML formatted EXIF data, in exif v0.6.22 and earlier allows attackers to
cause a Denial of Service (DoS) by uploading a malicious JPEG file, causing
the application to crash (CVE-2021-27815).

References:
- https://bugs.mageia.org/show_bug.cgi?id=29038
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/QMC6OTXZRPCUD3LOSWO4ISR7CH7NJQDT/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27815

SRPMS:
- 7/core/exif-0.6.22-1.1.mga7
- 8/core/exif-0.6.22-1.1.mga8
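
A patch-level check against the fixed builds listed above, as an added example that is not part of the advisory. The inventory lines are constructed, the function names are illustrative, and the comparison is a simplified form of RPM's version ordering that ignores `~` and `^`.

```python
import re

# Fixed builds, taken from the SRPMS list in this advisory.
FIXED = {"mga7": ("0.6.22", "1.1.mga7"), "mga8": ("0.6.22", "1.1.mga8")}

_SEG = re.compile(r"(\d+|[A-Za-z]+)")

def rpmvercmp(a, b):
    """Simplified RPM ordering (no '~' or '^'). Returns -1, 0 or 1."""
    sa, sb = _SEG.findall(a), _SEG.findall(b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)            # numeric segments compare as integers
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1  # a numeric segment beats an alphabetic one
        if x != y:
            return 1 if x > y else -1
    # All shared segments equal: the string with segments left over is newer.
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def is_patched(version, release):
    """True/False for Mageia 7 and 8 builds; None if the release is not covered here."""
    tag = re.search(r"mga\d+", release)
    fixed = FIXED.get(tag.group(0)) if tag else None
    if fixed is None:
        return None
    result = rpmvercmp(version, fixed[0]) or rpmvercmp(release, fixed[1])
    return result >= 0

def audit(lines):
    """Map 'host version release' inventory lines to a patched verdict per host."""
    verdicts = {}
    for line in lines:
        host, version, release = line.split()
        verdicts[host] = is_patched(version, release)
    return verdicts

# Constructed inventory. On each host the last two fields would come from:
#   rpm -q --qf '%{VERSION} %{RELEASE}\n' exif
SAMPLE = [
    "web01 0.6.22 1.mga8",     # older release of the same upstream version
    "web02 0.6.22 1.1.mga8",   # the fixed build for Mageia 8
    "build7 0.6.21 3.mga7",    # older upstream version
    "dev9 0.6.22 2.mga9",      # release not covered by this advisory
]

if __name__ == "__main__":
    for host, verdict in audit(SAMPLE).items():
        print(host, {True: "patched", False: "VULNERABLE", None: "not covered"}[verdict])
```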
