An out-of-bounds heap read vulnerability was found in exif_data_save_data_entry function in libexif/exif-data.c caused by improper length computation of the allocated data of an ExifMnote entry which can cause denial-of-service or possibly information disclosure. Upstream bug: https://sourceforge.net/p/libexif/bugs/130/
Acknowledgments: Name: Lili Xu (Chinese Acadamy of Sciences), Bingchang Liu (Chinese Acadamy of Sciences)
Created libexif tracking bugs for this issue: Affects: fedora-all [bug 1494197]