Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2020-13113: Ensure the MakerNote data pointers are initialized with NULL. · libexif/libexif@ec412aa

An issue was discovered in libexif before 0.6.22. Use of uninitialized memory in EXIF Makernote handling could lead to crashes and potential use-after-free conditions.

CVE
#rce

Permalink

Browse files

Ensure the MakerNote data pointers are initialized with NULL.

This ensures that an uninitialized pointer isn’t dereferenced later in the case where the number of components (and therefore size) is 0.

This fixes the second issue reported at https://sourceforge.net/p/libexif/bugs/125/

CVE-2020-13113

  • Loading branch information

Showing with 4 additions and 0 deletions.

  1. +1 −0 libexif/canon/exif-mnote-data-canon.c
  2. +1 −0 libexif/fuji/exif-mnote-data-fuji.c
  3. +1 −0 libexif/olympus/exif-mnote-data-olympus.c
  4. +1 −0 libexif/pentax/exif-mnote-data-pentax.c

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907