An integer overflow in CrwMap::encode0x1810 of Exiv2 0.27.3 allows attackers to trigger a heap-based buffer overflow and cause a denial of service (DOS) via crafted metadata. Upstream Issue: https://github.com/Exiv2/exiv2/issues/1530
Created exiv2 tracking bugs for this issue: Affects: fedora-all [bug 1990331] Created mingw-exiv2 tracking bugs for this issue: Affects: fedora-all [bug 1990332]
Upstream patch: https://github.com/Exiv2/exiv2/commit/9b7a19f957af53304655ed1efe32253a1b11a8d0
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2021:4173 https://access.redhat.com/errata/RHSA-2021:4173
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2021:4319 https://access.redhat.com/errata/RHSA-2021:4319
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-31292