CVE-2021-37620

09.08.2021, 19:15

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.4 and earlier. The out-of-bounds read is triggered when Exiv2 is used to read the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. The bug is fixed in version v0.27.5.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	4.7 MEDIUM	LOCAL	HIGH	NONE	CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
GitHub_M	CNA	4.7 MEDIUM	LOCAL	HIGH	NONE	CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 22%

Vendor	Product	Version
exiv2	exiv2	𝑥 < 0.27.5
debian	debian_linux	10.0

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

exiv2

bullseye	0.27.3-3+deb11u2 fixed
stretch	ignored
bullseye (security)	vulnerable
bookworm	0.27.6-1 fixed
sid	0.28.3+dfsg-2 fixed
trixie	0.28.3+dfsg-2 fixed

Ubuntu Releases

Ubuntu Product

Codename

exiv2

jammy	Fixed 0.27.3-3ubuntu4 released
impish	Fixed 0.27.3-3ubuntu4.1 released
hirsute	Fixed 0.27.3-3ubuntu1.6 released
focal	Fixed 0.27.2-8ubuntu2.7 released
bionic	Fixed 0.25-3.1ubuntu0.18.04.11 released
xenial	Fixed 0.25-2.1ubuntu16.04.7+esm4 released
trusty	dne

Common Weakness Enumeration

CWE-125 - Out-of-bounds Read
The software reads data past the end, or before the beginning, of the intended buffer.

References

https://github.com/Exiv2/exiv2/pull/1769

https://github.com/Exiv2/exiv2/security/advisories/GHSA-v5g7-46xf-h728

https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FMDT4PJB7P43WSOM3TRQIY3J33BAFVVE/