Gentoo Archives: gentoo-announce

From: Raphael Marichez <falco@g.o>
To: gentoo-announce@g.o
Cc: bugtraq@×××××××××××××.com, full-disclosure@××××××××××××××.uk, security-alerts@×××××××××××××.com
Subject: [gentoo-announce] [ GLSA 200706-09 ] libexif: Buffer overflow
Date: Tue, 26 Jun 2007 21:52:26
Message-Id: 20070626212202.GA12137@falco.falcal.net
1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2 Gentoo Linux Security Advisory GLSA 200706-09
3 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
4 http://security.gentoo.org/
5 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
6
7 Severity: Normal
8 Title: libexif: Buffer overflow
9 Date: June 26, 2007
10 Bugs: #181922
11 ID: 200706-09
12
13 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
14
15 Synopsis
16 ========
17
18 libexif does not properly handle image EXIF information, possibly
19 allowing for the execution of arbitrary code.
20
21 Background
22 ==========
23
24 libexif is a library for parsing, editing and saving EXIF metadata from
25 images.
26
27 Affected packages
28 =================
29
30 -------------------------------------------------------------------
31 Package / Vulnerable / Unaffected
32 -------------------------------------------------------------------
33 1 media-libs/libexif < 0.6.16 >= 0.6.16
34
35 Description
36 ===========
37
38 iDefense Labs have discovered that the exif_data_load_data_entry()
39 function in libexif/exif-data.c improperly handles integer data while
40 working with an image with many EXIF components, allowing an integer
41 overflow possibly leading to a heap-based buffer overflow.
42
43 Impact
44 ======
45
46 An attacker could entice a user of an application making use of a
47 vulnerable version of libexif to load a specially crafted image file,
48 possibly resulting in a crash of the application or the execution of
49 arbitrary code with the rights of the user running the application.
50
51 Workaround
52 ==========
53
54 There is no known workaround at this time.
55
56 Resolution
57 ==========
58
59 All libexif users should upgrade to the latest version:
60
61 # emerge --sync
62 # emerge --ask --oneshot --verbose ">=media-libs/libexif-0.6.16"
63
64 References
65 ==========
66
67 [ 1 ] CVE-2006-4168
68 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4168
69
70 Availability
71 ============
72
73 This GLSA and any updates to it are available for viewing at
74 the Gentoo Security Website:
75
76 http://security.gentoo.org/glsa/glsa-200706-09.xml
77
78 Concerns?
79 =========
80
81 Security is a primary focus of Gentoo Linux and ensuring the
82 confidentiality and security of our users machines is of utmost
83 importance to us. Any security concerns should be addressed to
84 security@g.o or alternatively, you may file a bug at
85 http://bugs.gentoo.org.
86
87 License
88 =======
89
90 Copyright 2007 Gentoo Foundation, Inc; referenced text
91 belongs to its owner(s).
92
93 The contents of this document are licensed under the
94 Creative Commons - Attribution / Share Alike license.
95
96 http://creativecommons.org/licenses/by-sa/2.5