Note:
This project will be discontinued after December 13, 2021. [more]
2020-05-21
An issue was discovered in libexif before 0.6.22. Use of uninitialized memory in EXIF Makernote handling could lead to crashes and potential use-after-free conditions.
| Products | Ubuntu_linux, Debian_linux, Libexif, Leap |
| Type | Use of Uninitialized Resource (CWE-908) |
| First patch | - None (likely due to unavailable code) |
| Patches | https://github.com/libexif/libexif/commit/ec412aa4583ad71ecabb967d3c77162760169d1f |
| Links |
• https://security.gentoo.org/glsa/202007-05
• https://lists.debian.org/debian-lts-announce/2020/05/msg00025.html • https://usn.ubuntu.com/4396-1/ • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00017.html |