Bug 1542049 (CVE-2018-6612)

Summary: CVE-2018-6612 jhead: Integer underflow in the process_EXIF function
Product: [Other] Security Response Reporter: Andrej Nemec <anemec>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED UPSTREAM QA Contact:
Severity: low Docs Contact:
Priority: low    
Version: unspecifiedCC: adrian
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard: impact=low,public=20180203,reported=20180203,source=debian,cvss3=3.3/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L,cwe=CWE-190,fedora-all/jhead=affected,epel-all/jhead=affected
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-06-08 03:39:14 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Bug Depends On: 1542050, 1542051    
Bug Blocks:    

Description Andrej Nemec 2018-02-05 13:13:18 UTC
An integer underflow bug in the process_EXIF function of the exif.c file of jhead 3.00 raises a heap-based buffer over-read when processing a malicious JPEG file, which may allow a remote attacker to cause a denial-of-service attack or unspecified other impact.

References:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889272

Comment 1 Andrej Nemec 2018-02-05 13:15:06 UTC
Created jhead tracking bugs for this issue:

Affects: epel-all [bug 1542050]
Affects: fedora-all [bug 1542051]

Comment 2 Product Security DevOps Team 2019-06-08 03:39:14 UTC
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.