SB2018092420 - OpenSUSE Linux update for jhead

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2018092420

SB2018092420 - OpenSUSE Linux update for jhead

Published: September 24, 2018

Security Bulletin ID SB2018092420
Severity
High
Patch available
YES
Number of vulnerabilities 2
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 2 secuirty vulnerabilities.


1) Buffer overflow (CVE-ID: CVE-2016-3822)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

exif.c in Matthias Wandel jhead 2.87, as used in libjhead in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01, allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds access) via crafted EXIF data, aka internal bug 28868315.


2) Format string error (CVE-ID: CVE-2018-16554)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because of inconsistency between float and double in a sprintf format string during TAG_GPS_ALT handling.


Remediation

Install update from vendor's website.

References