SUSE update for exiv2
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2019-13111 CVE-2021-29463 CVE-2021-34334 |
| CWE-ID | CWE-190 CWE-125 CWE-835 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #1 is available. |
| Vulnerable software |
SUSE Linux Enterprise Server Operating systems & Components / Operating system SUSE Linux Enterprise High Performance Computing Operating systems & Components / Operating system SUSE Linux Enterprise Storage Operating systems & Components / Operating system SUSE Manager Retail Branch Server Operating systems & Components / Operating system SUSE Linux Enterprise Desktop Operating systems & Components / Operating system openSUSE Leap Operating systems & Components / Operating system SUSE Manager Server Operating systems & Components / Operating system SUSE Manager Proxy Operating systems & Components / Operating system SUSE Linux Enterprise Server for SAP Applications Operating systems & Components / Operating system SUSE Linux Enterprise Module for Desktop Applications Operating systems & Components / Operating system exiv2-lang Operating systems & Components / Operating system package or component libexiv2-26-32bit-debuginfo Operating systems & Components / Operating system package or component libexiv2-26-32bit Operating systems & Components / Operating system package or component libexiv2-doc Operating systems & Components / Operating system package or component libexiv2-devel Operating systems & Components / Operating system package or component libexiv2-26-debuginfo Operating systems & Components / Operating system package or component libexiv2-26 Operating systems & Components / Operating system package or component exiv2-debugsource Operating systems & Components / Operating system package or component exiv2-debuginfo Operating systems & Components / Operating system package or component exiv2 Operating systems & Components / Operating system package or component |
| Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Integer overflow
EUVDB-ID: #VU20306
Risk: Low
CVSSv4.0: 1.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2019-13111
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform denial of service (DoS) attack.
The vulnerability exists due to integer overflow in WebPImage::decodeChunks() function. A remote attacker can create a specially crafted WEBP image, pass it to the application, trigger integer overflow and crash the affected application.
MitigationUpdate the affected package exiv2 to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Server: 15-SP3-LTSS
SUSE Linux Enterprise High Performance Computing: 15-SP3-LTSS
SUSE Linux Enterprise Storage: 7.1
SUSE Manager Retail Branch Server: 4.2
SUSE Linux Enterprise Desktop: 15-SP3
openSUSE Leap: 15.3
SUSE Manager Server: 4.2
SUSE Manager Proxy: 4.2
SUSE Linux Enterprise Server for SAP Applications: 15-SP3
SUSE Linux Enterprise Module for Desktop Applications: 15-SP3
exiv2-lang: before 0.26-150000.6.21.1
libexiv2-26-32bit-debuginfo: before 0.26-150000.6.21.1
libexiv2-26-32bit: before 0.26-150000.6.21.1
libexiv2-doc: before 0.26-150000.6.21.1
libexiv2-devel: before 0.26-150000.6.21.1
libexiv2-26-debuginfo: before 0.26-150000.6.21.1
libexiv2-26: before 0.26-150000.6.21.1
exiv2-debugsource: before 0.26-150000.6.21.1
exiv2-debuginfo: before 0.26-150000.6.21.1
exiv2: before 0.26-150000.6.21.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_server:15-SP3-LTSS:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing:15-SP3-LTSS:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_storage:7.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_desktop:15-SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:opensuse_leap:15.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications:15-SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_module_for_desktop_applications:15-SP3:*:*:*:*:*:*:*
- cpe:2.3:a:suse:exiv2-lang:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libexiv2-26-32bit-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libexiv2-26-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libexiv2-doc:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libexiv2-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libexiv2-26-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libexiv2-26:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:exiv2-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:exiv2-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:exiv2:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2022/suse-su-20223892-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
2) Out-of-bounds read
EUVDB-ID: #VU84710
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2021-29463
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition within Exiv2::WebPImage::doWriteMetadata(). A remote attacker can pass a specially crafted file to the application and perform a denial of service attack.
Update the affected package exiv2 to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Server: 15-SP3-LTSS
SUSE Linux Enterprise High Performance Computing: 15-SP3-LTSS
SUSE Linux Enterprise Storage: 7.1
SUSE Manager Retail Branch Server: 4.2
SUSE Linux Enterprise Desktop: 15-SP3
openSUSE Leap: 15.3
SUSE Manager Server: 4.2
SUSE Manager Proxy: 4.2
SUSE Linux Enterprise Server for SAP Applications: 15-SP3
SUSE Linux Enterprise Module for Desktop Applications: 15-SP3
exiv2-lang: before 0.26-150000.6.21.1
libexiv2-26-32bit-debuginfo: before 0.26-150000.6.21.1
libexiv2-26-32bit: before 0.26-150000.6.21.1
libexiv2-doc: before 0.26-150000.6.21.1
libexiv2-devel: before 0.26-150000.6.21.1
libexiv2-26-debuginfo: before 0.26-150000.6.21.1
libexiv2-26: before 0.26-150000.6.21.1
exiv2-debugsource: before 0.26-150000.6.21.1
exiv2-debuginfo: before 0.26-150000.6.21.1
exiv2: before 0.26-150000.6.21.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_server:15-SP3-LTSS:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing:15-SP3-LTSS:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_storage:7.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_desktop:15-SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:opensuse_leap:15.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications:15-SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_module_for_desktop_applications:15-SP3:*:*:*:*:*:*:*
- cpe:2.3:a:suse:exiv2-lang:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libexiv2-26-32bit-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libexiv2-26-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libexiv2-doc:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libexiv2-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libexiv2-26-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libexiv2-26:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:exiv2-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:exiv2-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:exiv2:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2022/suse-su-20223892-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Infinite loop
EUVDB-ID: #VU69649
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2021-34334
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop when processing metadata of image files. A remote attacker can pass a specially crafted image to the application, consume all available system resources and cause denial of service conditions.
MitigationUpdate the affected package exiv2 to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Server: 15-SP3-LTSS
SUSE Linux Enterprise High Performance Computing: 15-SP3-LTSS
SUSE Linux Enterprise Storage: 7.1
SUSE Manager Retail Branch Server: 4.2
SUSE Linux Enterprise Desktop: 15-SP3
openSUSE Leap: 15.3
SUSE Manager Server: 4.2
SUSE Manager Proxy: 4.2
SUSE Linux Enterprise Server for SAP Applications: 15-SP3
SUSE Linux Enterprise Module for Desktop Applications: 15-SP3
exiv2-lang: before 0.26-150000.6.21.1
libexiv2-26-32bit-debuginfo: before 0.26-150000.6.21.1
libexiv2-26-32bit: before 0.26-150000.6.21.1
libexiv2-doc: before 0.26-150000.6.21.1
libexiv2-devel: before 0.26-150000.6.21.1
libexiv2-26-debuginfo: before 0.26-150000.6.21.1
libexiv2-26: before 0.26-150000.6.21.1
exiv2-debugsource: before 0.26-150000.6.21.1
exiv2-debuginfo: before 0.26-150000.6.21.1
exiv2: before 0.26-150000.6.21.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_server:15-SP3-LTSS:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing:15-SP3-LTSS:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_storage:7.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_desktop:15-SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:opensuse_leap:15.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications:15-SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_module_for_desktop_applications:15-SP3:*:*:*:*:*:*:*
- cpe:2.3:a:suse:exiv2-lang:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libexiv2-26-32bit-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libexiv2-26-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libexiv2-doc:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libexiv2-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libexiv2-26-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libexiv2-26:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:exiv2-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:exiv2-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:exiv2:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2022/suse-su-20223892-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
