1
Candidate: CVE-2017-7544
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7544
6
libexif through 0.6.21 is vulnerable to out-of-bounds heap read
7
vulnerability in exif_data_save_data_entry function in libexif/exif-data.c
8
caused by improper length computation of the allocated data of an ExifMnote
9
entry which can cause denial-of-service or possibly information disclosure.
13
https://sourceforge.net/p/libexif/bugs/130/
14
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876466
16
Discovered-by: Lili Xu and Bingchang Liu
20
upstream: http://libexif.cvs.sourceforge.net/viewvc/libexif/libexif/libexif/exif-data.c?r1=1.131&r2=1.132
21
upstream_libexif: needs-triage
22
precise/esm_libexif: needed
23
trusty_libexif: needed
24
vivid/ubuntu-core_libexif: DNE
25
xenial_libexif: needed
26
zesty_libexif: ignored (reached end-of-life)
27
artful_libexif: needed
28
bionic_libexif: needed