==========================================================================
Ubuntu Security Notice USN-7247-1
February 03, 2025

opencv vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS
- Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in OpenCV.

Software Description:
- opencv: computer vision library

Details:

It was discovered that OpenCV did not properly manage certain XML data, leading to a NULL pointer dereference. If a user were tricked into loading a specially crafted file, a remote attacker could possibly use this issue to make OpenCV crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-14493)

It was discovered that OpenCV may perform out-of-bounds reads in certain situations. An attacker could possibly use this issue to cause OpenCV to crash, resulting in a denial of service, or the execution of arbitrary code. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-16249, CVE-2019-19624)

It was discovered that the QR code module of OpenCV incorrectly processed certain maliciously crafted QR codes. A remote attacker could possibly use this issue to cause OpenCV to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2023-2617, CVE-2023-2618)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 22.04 LTS
  libopencv-contrib4.5d    4.5.4+dfsg-9ubuntu4+esm1    Available with Ubuntu Pro
  libopencv-core4.5d       4.5.4+dfsg-9ubuntu4+esm1    Available with Ubuntu Pro
  libopencv-dev            4.5.4+dfsg-9ubuntu4+esm1    Available with Ubuntu Pro
  libopencv-dnn4.5d        4.5.4+dfsg-9ubuntu4+esm1    Available with Ubuntu Pro
  libopencv-flann4.5d      4.5.4+dfsg-9ubuntu4+esm1    Available with Ubuntu Pro
  libopencv-imgcodecs4.5d  4.5.4+dfsg-9ubuntu4+esm1    Available with Ubuntu Pro
  libopencv-objdetect4.5d  4.5.4+dfsg-9ubuntu4+esm1    Available with Ubuntu Pro
  opencv-data              4.5.4+dfsg-9ubuntu4+esm1    Available with Ubuntu Pro

Ubuntu 18.04 LTS
  libopencv-core3.2        3.2.0+dfsg-4ubuntu0.1+esm4  Available with Ubuntu Pro
  libopencv-dev            3.2.0+dfsg-4ubuntu0.1+esm4  Available with Ubuntu Pro
  opencv-data              3.2.0+dfsg-4ubuntu0.1+esm4  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-7247-1
  CVE-2019-14493, CVE-2019-16249, CVE-2019-19624, CVE-2023-2617, CVE-2023-2618

Severity: Critical.
LinuxSecurity.com Team

Several security vulnerabilities have been discovered in OpenCV, the Open Computer Vision Library. Buffer overflows, NULL pointer dereferences and out-of-bounds write errors may lead to a denial-of-service or other unspecified impact.

-------------------------------------------------------------------------
Debian LTS Advisory DLA-2799-1

SUSE Security Update: Security update for opencv
______________________________________________________________________________

Announcement ID:    SUSE-SU-2019:3192-2
Rating:             moderate
References:         #1144348 #1144352 #1149742 #1154091
Cross-References:   CVE-2019-14491 CVE-2019-14492 CVE-2019-15939
Affected Products:
                    SUSE Linux Enterprise Workstation Extension 15-SP2
                    SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP2
                    SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP1
______________________________________________________________________________

An update that solves three vulnerabilities and has one errata is now available.

Description:

This update for opencv fixes the following issues:

Security issues fixed:

- CVE-2019-14491: Fixed an out of bounds read in the function cv::predictOrdered, leading to DoS (bsc#1144352).
- CVE-2019-14492: Fixed an out of bounds read/write in the function HaarEvaluator::OptFeature::calc, which leads to denial of service (bsc#1144348).
- CVE-2019-15939: Fixed a divide-by-zero error in cv::HOGDescriptor::getDescriptorSize (bsc#1149742).

Non-security issue fixed:

- Fixed an issue in opencv-devel that broke builds with "No rule to make target opencv_calib3d-NOTFOUND" (bsc#1154091).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Workstation Extension 15-SP2:

  zypper in -t patch SUSE-SLE-Product-WE-15-SP2-2020-1875=1

- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP2:

  zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP2-2020-1875=1

- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP1:

  zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP1-2020-1875=1

Package List:

- SUSE Linux Enterprise Workstation Extension 15-SP2 (x86_64):

  libopencv3_3-3.3.1-6.6.1
  libopencv3_3-debuginfo-3.3.1-6.6.1
  opencv-3.3.1-6.6.1
  opencv-debuginfo-3.3.1-6.6.1
  opencv-debugsource-3.3.1-6.6.1
  opencv-devel-3.3.1-6.6.1

- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP2 (aarch64 ppc64le s390x x86_64):

  opencv-debuginfo-3.3.1-6.6.1
  opencv-debugsource-3.3.1-6.6.1
  python2-opencv-3.3.1-6.6.1
  python2-opencv-debuginfo-3.3.1-6.6.1
  python3-opencv-3.3.1-6.6.1
  python3-opencv-debuginfo-3.3.1-6.6.1

- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP1 (aarch64 ppc64le s390x x86_64):

  opencv-debuginfo-3.3.1-6.6.1
  opencv-debugsource-3.3.1-6.6.1
  python2-opencv-3.3.1-6.6.1
  python2-opencv-debuginfo-3.3.1-6.6.1
  python3-opencv-3.3.1-6.6.1
  python3-opencv-debuginfo-3.3.1-6.6.1

References:

  https://www.suse.com/security/cve/CVE-2019-14491.html
  https://www.suse.com/security/cve/CVE-2019-14492.html
  https://www.suse.com/security/cve/CVE-2019-15939.html
  https://bugzilla.suse.com/1144348
  https://bugzilla.suse.com/1144352
  https://bugzilla.suse.com/1149742
  https://bugzilla.suse.com/1154091

MGASA-2020-0030 - Updated opencv packages fix security vulnerabilities

Publication date: 11 Jan 2020
URL: https://advisories.mageia.org/MGASA-2020-0030.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2019-14491, CVE-2019-14492, CVE-2019-15939

The updated packages fix security vulnerabilities:

An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. There is an out of bounds read in the function cv::predictOrdered in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service. (CVE-2019-14491)

An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. There is an out of bounds read/write in the function HaarEvaluator::OptFeature::calc in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service. (CVE-2019-14492)

An issue was discovered in OpenCV 4.1.0. There is a divide-by-zero error in cv::HOGDescriptor::getDescriptorSize in modules/objdetect/src/hog.cpp. (CVE-2019-15939)

References:
- https://bugs.mageia.org/show_bug.cgi?id=25855
- https://lists.suse.com/pipermail/sle-security-updates/2019-December/006214.html
- https://www.cve.org/CVERecord?id=CVE-2019-14491
- https://www.cve.org/CVERecord?id=CVE-2019-14492
- https://www.cve.org/CVERecord?id=CVE-2019-15939

SRPMS:
- 7/core/opencv-3.4.5-2.1.mga7

LinuxSecurity.com Team

openSUSE Security Update: Security update for opencv
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2019:2671-1
Rating:             moderate
References:         #1144348 #1144352 #1149742 #1154091
Cross-References:   CVE-2019-14491 CVE-2019-14492 CVE-2019-15939
Affected Products:
                    openSUSE Leap 15.1
______________________________________________________________________________

An update that solves three vulnerabilities and has one errata is now available.

Description:

This update for opencv fixes the following issues:

Security issues fixed:

- CVE-2019-14491: Fixed an out of bounds read in the function cv::predictOrdered, leading to DoS (bsc#1144352).
- CVE-2019-14492: Fixed an out of bounds read/write in the function HaarEvaluator::OptFeature::calc, which leads to denial of service (bsc#1144348).
- CVE-2019-15939: Fixed a divide-by-zero error in cv::HOGDescriptor::getDescriptorSize (bsc#1149742).

Non-security issue fixed:

- Fixed an issue in opencv-devel that broke builds with "No rule to make target opencv_calib3d-NOTFOUND" (bsc#1154091).

This update was imported from the SUSE:SLE-15:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.1:

  zypper in -t patch openSUSE-2019-2671=1

Package List:

- openSUSE Leap 15.1 (x86_64):

  libopencv3_3-3.3.1-lp151.6.3.1
  libopencv3_3-debuginfo-3.3.1-lp151.6.3.1
  opencv-3.3.1-lp151.6.3.1
  opencv-debuginfo-3.3.1-lp151.6.3.1
  opencv-debugsource-3.3.1-lp151.6.3.1
  opencv-devel-3.3.1-lp151.6.3.1
  opencv-doc-3.3.1-lp151.6.3.1
  python2-opencv-3.3.1-lp151.6.3.1
  python2-opencv-debuginfo-3.3.1-lp151.6.3.1
  python3-opencv-3.3.1-lp151.6.3.1
  python3-opencv-debuginfo-3.3.1-lp151.6.3.1

References:

  https://www.suse.com/security/cve/CVE-2019-14491.html
  https://www.suse.com/security/cve/CVE-2019-14492.html
  https://www.suse.com/security/cve/CVE-2019-15939.html
  https://bugzilla.suse.com/1144348
  https://bugzilla.suse.com/1144352
  https://bugzilla.suse.com/1149742
  https://bugzilla.suse.com/1154091

LinuxSecurity.com Team

SUSE Security Update: Security update for opencv
______________________________________________________________________________

Announcement ID:    SUSE-SU-2019:3192-1
Rating:             moderate
References:         #1144348 #1144352 #1149742 #1154091
Cross-References:   CVE-2019-14491 CVE-2019-14492 CVE-2019-15939
Affected Products:
                    SUSE Linux Enterprise Workstation Extension 15-SP1
                    SUSE Linux Enterprise Workstation Extension 15
                    SUSE Linux Enterprise Module for Packagehub Subpackages 15
                    SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1
                    SUSE Linux Enterprise Module for Open Buildservice Development Tools 15
______________________________________________________________________________

An update that solves three vulnerabilities and has one errata is now available.

Description:

This update for opencv fixes the following issues:

Security issues fixed:

- CVE-2019-14491: Fixed an out of bounds read in the function cv::predictOrdered, leading to DoS (bsc#1144352).
- CVE-2019-14492: Fixed an out of bounds read/write in the function HaarEvaluator::OptFeature::calc, which leads to denial of service (bsc#1144348).
- CVE-2019-15939: Fixed a divide-by-zero error in cv::HOGDescriptor::getDescriptorSize (bsc#1149742).

Non-security issue fixed:

- Fixed an issue in opencv-devel that broke builds with "No rule to make target opencv_calib3d-NOTFOUND" (bsc#1154091).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Workstation Extension 15-SP1:

  zypper in -t patch SUSE-SLE-Product-WE-15-SP1-2019-3192=1

- SUSE Linux Enterprise Workstation Extension 15:

  zypper in -t patch SUSE-SLE-Product-WE-15-2019-3192=1

- SUSE Linux Enterprise Module for Packagehub Subpackages 15:

  zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-2019-3192=1

- SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1:

  zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-3192=1

- SUSE Linux Enterprise Module for Open Buildservice Development Tools 15:

  zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-2019-3192=1

Package List:

- SUSE Linux Enterprise Workstation Extension 15-SP1 (x86_64):

  libopencv3_3-3.3.1-6.6.1
  libopencv3_3-debuginfo-3.3.1-6.6.1
  opencv-3.3.1-6.6.1
  opencv-debuginfo-3.3.1-6.6.1
  opencv-debugsource-3.3.1-6.6.1
  opencv-devel-3.3.1-6.6.1

- SUSE Linux Enterprise Workstation Extension 15 (x86_64):

  libopencv3_3-3.3.1-6.6.1
  libopencv3_3-debuginfo-3.3.1-6.6.1
  opencv-3.3.1-6.6.1
  opencv-debuginfo-3.3.1-6.6.1
  opencv-debugsource-3.3.1-6.6.1
  opencv-devel-3.3.1-6.6.1

- SUSE Linux Enterprise Module for Packagehub Subpackages 15 (aarch64 ppc64le s390x x86_64):

  opencv-debuginfo-3.3.1-6.6.1
  opencv-debugsource-3.3.1-6.6.1
  python2-opencv-3.3.1-6.6.1
  python2-opencv-debuginfo-3.3.1-6.6.1
  python3-opencv-3.3.1-6.6.1
  python3-opencv-debuginfo-3.3.1-6.6.1

- SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (aarch64 ppc64le s390x x86_64):

  opencv-debuginfo-3.3.1-6.6.1
  opencv-debugsource-3.3.1-6.6.1
  opencv-doc-3.3.1-6.6.1
  python2-opencv-3.3.1-6.6.1
  python2-opencv-debuginfo-3.3.1-6.6.1
  python3-opencv-3.3.1-6.6.1
  python3-opencv-debuginfo-3.3.1-6.6.1

- SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (aarch64 ppc64le s390x x86_64):

  opencv-debuginfo-3.3.1-6.6.1
  opencv-debugsource-3.3.1-6.6.1
  opencv-doc-3.3.1-6.6.1
  python2-opencv-3.3.1-6.6.1
  python2-opencv-debuginfo-3.3.1-6.6.1
  python3-opencv-3.3.1-6.6.1
  python3-opencv-debuginfo-3.3.1-6.6.1

References:

  https://www.suse.com/security/cve/CVE-2019-14491.html
  https://www.suse.com/security/cve/CVE-2019-14492.html
  https://www.suse.com/security/cve/CVE-2019-15939.html
  https://bugzilla.suse.com/1144348
  https://bugzilla.suse.com/1144352
  https://bugzilla.suse.com/1149742
  https://bugzilla.suse.com/1154091

Package        : opencv
Version        : 2.4.9.1+dfsg-1+deb8u2
CVE ID         : CVE-2016-1516 CVE-2017-12597 CVE-2017-12598 CVE-2017-12599
                 CVE-2017-12601 CVE-2017-12603 CVE-2017-12604 CVE-2017-12605
                 CVE-2017-12606 CVE-2017-12862 CVE-2017-12863 CVE-2017-12864
                 CVE-2017-14136 CVE-2017-17760 CVE-2017-1000450 CVE-2018-5268
                 CVE-2018-5269

Early versions of opencv have problems while reading data, which might result in either buffer overflows, out-of-bounds errors or integer overflows. Further assertion errors might happen due to incorrect integer cast.

For Debian 8 "Jessie", these problems have been fixed in version 2.4.9.1+dfsg-1+deb8u2.

We recommend that you upgrade your opencv packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Severity: Critical.
LinuxSecurity.com Team

openSUSE Security Update: Security update for opencv
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2018:1697-1
Rating:             moderate
References:         #1074312
Cross-References:   CVE-2017-18009
Affected Products:
                    openSUSE Leap 15.0
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for opencv fixes this security issue:

- CVE-2017-18009: Prevent heap-based buffer over-read in the function cv::HdrDecoder::checkSignature (bsc#1074312).

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.0:

  zypper in -t patch openSUSE-2018-629=1

Package List:

- openSUSE Leap 15.0 (x86_64):

  libopencv3_3-3.3.1-lp150.4.3.1
  libopencv3_3-debuginfo-3.3.1-lp150.4.3.1
  opencv-3.3.1-lp150.4.3.1
  opencv-debuginfo-3.3.1-lp150.4.3.1
  opencv-debugsource-3.3.1-lp150.4.3.1
  opencv-devel-3.3.1-lp150.4.3.1
  opencv-doc-3.3.1-lp150.4.3.1
  python2-opencv-3.3.1-lp150.4.3.1
  python2-opencv-debuginfo-3.3.1-lp150.4.3.1
  python3-opencv-3.3.1-lp150.4.3.1
  python3-opencv-debuginfo-3.3.1-lp150.4.3.1

References:

  https://www.suse.com/security/cve/CVE-2017-18009.html
  https://bugzilla.suse.com/show_bug.cgi?id=1074312

LinuxSecurity.com Team