LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Kernel prepatch 3.9-rc6

LWN.net Weekly Edition for April 4, 2013

LWN.net Weekly Edition for March 28, 2013

A kernel change breaks GlusterFS

PyCon: Evangelizing Python

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

exif: information leak

Package(s):exif CVE #(s):CVE-2012-2845
Created:July 13, 2012 Updated:April 5, 2013
Description: From the Mandriva advisory:

An integer overflow in the function jpeg_data_load_data in the exif program could cause a data read beyond the end of a buffer, causing an application crash or leakage of potentially sensitive information when parsing a crafted JPEG file.

Alerts:
Mandriva MDVSA-2012:107 2012-07-13
Mageia MGASA-2012-0167 2012-07-14
Slackware SSA:2012-200-01 2012-07-18
Fedora FEDORA-2012-10819 2012-07-26
Fedora FEDORA-2012-10854 2012-07-26
Fedora FEDORA-2013-1257 2013-02-08
Fedora FEDORA-2013-1244 2013-02-08
Mandriva MDVSA-2013:036 2013-04-05
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds