CVE-2018-20097 – exiv2: Segmentation fault in Exiv2::Internal::TiffParserWorker::findPrimaryGroups function

https://notcve.org/view.php?id=CVE-2018-20097

12 Dec 2018 — There is a SEGV in Exiv2::Internal::TiffParserWorker::findPrimaryGroups of tiffimage_int.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack. Hay un SEGV en Exiv2::Internal::TiffParserWorker::findPrimaryGroups en tiffimage_int.cpp en Exiv2 0.27-RC3. Se podría realizar un ataque de denegación de servicio remoto con una entrada especialmente manipulada. The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JP... • https://access.redhat.com/errata/RHSA-2019:2101 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •