-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

====================================================================                   Red Hat Security Advisory

Synopsis:          Moderate: libexif security, bug fix, and enhancement update
Advisory ID:       RHSA-2020:4766-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:4766
Issue date:        2020-11-03
CVE Names:         CVE-2019-9278 CVE-2020-0093 CVE-2020-0181 
                   CVE-2020-0182 CVE-2020-0198 CVE-2020-12767 
                   CVE-2020-13113 CVE-2020-13114 
====================================================================
1. Summary:

An update for libexif is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat CodeReady Linux Builder (v. 8) - aarch64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64

3. Description:

The libexif packages provide a library for extracting extra information
from image files.

The following packages have been upgraded to a later upstream version:
libexif (0.6.22). (BZ#1841320)

Security Fix(es):

* libexif: out of bounds write in exif-data.c (CVE-2019-9278)

* libexif: out of bounds read due to a missing bounds check in
exif_data_save_data_entry function in exif-data.c (CVE-2020-0093)

* libexif: integer overflow in exif_data_load_data_thumbnail function in
exif-data.c (CVE-2020-0181)

* libexif: integer overflow in exif_data_load_data_content function in
exif-data.c (CVE-2020-0198)

* libexif: use of uninitialized memory in EXIF Makernote handling can lead
to crashes and use-after-free (CVE-2020-13113)

* libexif: unrestricted size in handling Canon EXIF MakerNote data can lead
to consumption of large amounts of compute time (CVE-2020-13114)

* libexif: out of bounds read due to a missing bounds check in
exif_entry_get_value function in exif-entry.c (CVE-2020-0182)

* libexif: divide-by-zero in exif_entry_get_value function in exif-entry.c
(CVE-2020-12767)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.3 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1789031 - CVE-2019-9278 libexif: out of bounds write in exif-data.c
1834950 - CVE-2020-12767 libexif: divide-by-zero in exif_entry_get_value function in exif-entry.c
1840347 - CVE-2020-13113 libexif: use of uninitialized memory in EXIF Makernote handling can lead to crashes and use-after-free
1840350 - CVE-2020-13114 libexif: unrestricted size in handling Canon EXIF MakerNote data can lead to consumption of large amounts of compute time
1841320 - Rebase to libexif 0.6.22
1847131 - CVE-2020-0181 libexif: integer overflow in exif_data_load_data_thumbnail function in exif-data.c
1847133 - CVE-2020-0198 libexif: integer overflow in exif_data_load_data_content function in exif-data.c
1852487 - CVE-2020-0093 libexif: out of bounds read due to a missing bounds check in exif_data_save_data_entry function in exif-data.c
1852490 - CVE-2020-0182 libexif: out of bounds read due to a missing bounds check in exif_entry_get_value function in exif-entry.c

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:
libexif-0.6.22-4.el8.src.rpm

aarch64:
libexif-0.6.22-4.el8.aarch64.rpm
libexif-debuginfo-0.6.22-4.el8.aarch64.rpm
libexif-debugsource-0.6.22-4.el8.aarch64.rpm

ppc64le:
libexif-0.6.22-4.el8.ppc64le.rpm
libexif-debuginfo-0.6.22-4.el8.ppc64le.rpm
libexif-debugsource-0.6.22-4.el8.ppc64le.rpm

s390x:
libexif-0.6.22-4.el8.s390x.rpm
libexif-debuginfo-0.6.22-4.el8.s390x.rpm
libexif-debugsource-0.6.22-4.el8.s390x.rpm

x86_64:
libexif-0.6.22-4.el8.i686.rpm
libexif-0.6.22-4.el8.x86_64.rpm
libexif-debuginfo-0.6.22-4.el8.i686.rpm
libexif-debuginfo-0.6.22-4.el8.x86_64.rpm
libexif-debugsource-0.6.22-4.el8.i686.rpm
libexif-debugsource-0.6.22-4.el8.x86_64.rpm

Red Hat CodeReady Linux Builder (v. 8):

aarch64:
libexif-debuginfo-0.6.22-4.el8.aarch64.rpm
libexif-debugsource-0.6.22-4.el8.aarch64.rpm
libexif-devel-0.6.22-4.el8.aarch64.rpm

ppc64le:
libexif-debuginfo-0.6.22-4.el8.ppc64le.rpm
libexif-debugsource-0.6.22-4.el8.ppc64le.rpm
libexif-devel-0.6.22-4.el8.ppc64le.rpm

s390x:
libexif-debuginfo-0.6.22-4.el8.s390x.rpm
libexif-debugsource-0.6.22-4.el8.s390x.rpm
libexif-devel-0.6.22-4.el8.s390x.rpm

x86_64:
libexif-debuginfo-0.6.22-4.el8.i686.rpm
libexif-debuginfo-0.6.22-4.el8.x86_64.rpm
libexif-debugsource-0.6.22-4.el8.i686.rpm
libexif-debugsource-0.6.22-4.el8.x86_64.rpm
libexif-devel-0.6.22-4.el8.i686.rpm
libexif-devel-0.6.22-4.el8.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2019-9278
https://access.redhat.com/security/cve/CVE-2020-0093
https://access.redhat.com/security/cve/CVE-2020-0181
https://access.redhat.com/security/cve/CVE-2020-0182
https://access.redhat.com/security/cve/CVE-2020-0198
https://access.redhat.com/security/cve/CVE-2020-12767
https://access.redhat.com/security/cve/CVE-2020-13113
https://access.redhat.com/security/cve/CVE-2020-13114
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBX6IyGtzjgjWX9erEAQhxCQ/8CPwEDHZdL92GUM5XMZiHVLXoUfz3fRtk
1h1wzsxOf5Ej/ArGYUhzTXHS1+hU2ed00h7sTYFJEhAw+hzf95rf/rX694nG20x0
wn+52P85WbvBI4C4JPN+i3PkXpxp4T3PQjWM0XDz9Z6eXlzeE+7O7RocfK5WbZZg
ygOjWbGG0+jqCtSfvRk64qs+UcpJI0AMs34mBYVKOgqMyxvTfqviwsWZtO99ZPBX
XlfNMxtoydvac+1LxYUQWWwoSAFLj/TBZSd6ILQy6QFz6mej23wFyZuDHRa/LiOz
GE1UAzUCtu3S7eETjKfxZFnG9CTZ8mxV6+4te6QNMh8st5MKBGt3kBWiEpKRY1vs
MLXziNczPej9AhyMZ5tLIg73lznZLy6jEwpPNLi8zWVbgIvSLQaFTWVck1M9EZCA
IphWPkfdeG1m92eyJ5aB8t3FEWmDymfkEKOXFvO/CLXtz0Hidz89tS5SxtCVH+3/
fL/umssnxa7Es4u2zRi7DCjGCWk4k9vobKsbp5Rh/K90XwLM8PG4UtTyJleKNg6y
etdUw3tuLPUQoD5HGlEd4doKl2lNJjDXAeAPW1rdithxp4T7hHufIQJaoEIEGDou
nbEVGRWPcME43uJgjeHuOvVIw4xw8z5j89HGIS3/HQMJE2OBZYhv8qsj6Kjz6/Pm
8xSyJ+X825g=fXlD
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce

RedHat: RHSA-2020-4766:01 Moderate: libexif security, bug fix,

An update for libexif is now available for Red Hat Enterprise Linux 8

Summary

The libexif packages provide a library for extracting extra information from image files.
The following packages have been upgraded to a later upstream version: libexif (0.6.22). (BZ#1841320)
Security Fix(es):
* libexif: out of bounds write in exif-data.c (CVE-2019-9278)
* libexif: out of bounds read due to a missing bounds check in exif_data_save_data_entry function in exif-data.c (CVE-2020-0093)
* libexif: integer overflow in exif_data_load_data_thumbnail function in exif-data.c (CVE-2020-0181)
* libexif: integer overflow in exif_data_load_data_content function in exif-data.c (CVE-2020-0198)
* libexif: use of uninitialized memory in EXIF Makernote handling can lead to crashes and use-after-free (CVE-2020-13113)
* libexif: unrestricted size in handling Canon EXIF MakerNote data can lead to consumption of large amounts of compute time (CVE-2020-13114)
* libexif: out of bounds read due to a missing bounds check in exif_entry_get_value function in exif-entry.c (CVE-2020-0182)
* libexif: divide-by-zero in exif_entry_get_value function in exif-entry.c (CVE-2020-12767)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.



Summary


Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258

References

https://access.redhat.com/security/cve/CVE-2019-9278 https://access.redhat.com/security/cve/CVE-2020-0093 https://access.redhat.com/security/cve/CVE-2020-0181 https://access.redhat.com/security/cve/CVE-2020-0182 https://access.redhat.com/security/cve/CVE-2020-0198 https://access.redhat.com/security/cve/CVE-2020-12767 https://access.redhat.com/security/cve/CVE-2020-13113 https://access.redhat.com/security/cve/CVE-2020-13114 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/

Package List

Red Hat Enterprise Linux AppStream (v. 8):
Source: libexif-0.6.22-4.el8.src.rpm
aarch64: libexif-0.6.22-4.el8.aarch64.rpm libexif-debuginfo-0.6.22-4.el8.aarch64.rpm libexif-debugsource-0.6.22-4.el8.aarch64.rpm
ppc64le: libexif-0.6.22-4.el8.ppc64le.rpm libexif-debuginfo-0.6.22-4.el8.ppc64le.rpm libexif-debugsource-0.6.22-4.el8.ppc64le.rpm
s390x: libexif-0.6.22-4.el8.s390x.rpm libexif-debuginfo-0.6.22-4.el8.s390x.rpm libexif-debugsource-0.6.22-4.el8.s390x.rpm
x86_64: libexif-0.6.22-4.el8.i686.rpm libexif-0.6.22-4.el8.x86_64.rpm libexif-debuginfo-0.6.22-4.el8.i686.rpm libexif-debuginfo-0.6.22-4.el8.x86_64.rpm libexif-debugsource-0.6.22-4.el8.i686.rpm libexif-debugsource-0.6.22-4.el8.x86_64.rpm
Red Hat CodeReady Linux Builder (v. 8):
aarch64: libexif-debuginfo-0.6.22-4.el8.aarch64.rpm libexif-debugsource-0.6.22-4.el8.aarch64.rpm libexif-devel-0.6.22-4.el8.aarch64.rpm
ppc64le: libexif-debuginfo-0.6.22-4.el8.ppc64le.rpm libexif-debugsource-0.6.22-4.el8.ppc64le.rpm libexif-devel-0.6.22-4.el8.ppc64le.rpm
s390x: libexif-debuginfo-0.6.22-4.el8.s390x.rpm libexif-debugsource-0.6.22-4.el8.s390x.rpm libexif-devel-0.6.22-4.el8.s390x.rpm
x86_64: libexif-debuginfo-0.6.22-4.el8.i686.rpm libexif-debuginfo-0.6.22-4.el8.x86_64.rpm libexif-debugsource-0.6.22-4.el8.i686.rpm libexif-debugsource-0.6.22-4.el8.x86_64.rpm libexif-devel-0.6.22-4.el8.i686.rpm libexif-devel-0.6.22-4.el8.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/


Severity
Advisory ID: RHSA-2020:4766-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2020:4766
Issued Date: : 2020-11-03
CVE Names: CVE-2019-9278 CVE-2020-0093 CVE-2020-0181 CVE-2020-0182 CVE-2020-0198 CVE-2020-12767 CVE-2020-13113 CVE-2020-13114

Topic

An update for libexif is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impactof Moderate. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available for each vulnerability fromthe CVE link(s) in the References section.


Topic


 

Relevant Releases Architectures

Red Hat CodeReady Linux Builder (v. 8) - aarch64, ppc64le, s390x, x86_64

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64


Bugs Fixed

1789031 - CVE-2019-9278 libexif: out of bounds write in exif-data.c

1834950 - CVE-2020-12767 libexif: divide-by-zero in exif_entry_get_value function in exif-entry.c

1840347 - CVE-2020-13113 libexif: use of uninitialized memory in EXIF Makernote handling can lead to crashes and use-after-free

1840350 - CVE-2020-13114 libexif: unrestricted size in handling Canon EXIF MakerNote data can lead to consumption of large amounts of compute time

1841320 - Rebase to libexif 0.6.22

1847131 - CVE-2020-0181 libexif: integer overflow in exif_data_load_data_thumbnail function in exif-data.c

1847133 - CVE-2020-0198 libexif: integer overflow in exif_data_load_data_content function in exif-data.c

1852487 - CVE-2020-0093 libexif: out of bounds read due to a missing bounds check in exif_data_save_data_entry function in exif-data.c

1852490 - CVE-2020-0182 libexif: out of bounds read due to a missing bounds check in exif_entry_get_value function in exif-entry.c


Related News

Linux Mint 22: Elevating Security and Usability for Admins
3 - 5 min read
Linux Mint has has long been recognized as a versatile and user-friendly distribution and has earned great popularity among administrators and
Exim 4.98 Addresses Critical Vulnerabilities, Bolsters Email Server Security
2 - 4 min read
Exim is one of Unix-like systems' most widely used mail transfer agents. It's essential for email delivery and handling and is a significant part of
Recent OpenSSH RCE Bug Explained: Impact & Mitigations
2 - 4 min read
In an era where cybersecurity threats loom larger than ever, the discovery of a Remote Code Execution (RCE) vulnerability in OpenSSH by Qualys’
CVE-2024-4577: A Swiftly Weaponized Vulnerability for Ransomware Distribution
2 - 4 min read
Security researchers recently issued an update detailing how attackers are exploiting a PHP code execution vulnerability to spread TellYouThePass
Play Ransomware Group Unleashes New Threat on ESXi Environments: Analysis & Mitigation Strategies
3 - 5 min read
The Play ransomware group, well-known for its double-extortion tactics, recently unveiled a Linux variant targeting ESXi environments. This
Critical Linux Kernel Vulnerabilities Patched in Ubuntu Azure Systems
2 - 4 min read
Canonical has fixed several recently identified critical Linux kernel vulnerabilities in July 2024. These vulnerabilities primarily affect Microsoft
The Urgent Need for Secure Software Development: New Report Serves as a Wake-Up Call for the Industry
3 - 5 min read
The Linux Foundation and Open Source Security Foundation recently published a report entitled "Secure Software Development Education 2024
Severe Linux Kernel Privilege Escalation Bugs Could Compromise Entire Systems
2 - 4 min read
The Cybersecurity and Infrastructure Security Agency (CISA) recently added a new Linux kernel privilege escalation bug ( CVE-2024-1086 ) to its

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved