CVE-2019-14492

Published: 1 August 2019

An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. There is an out of bounds read/write in the function HaarEvaluator::OptFeature::calc in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service.

From the Ubuntu Security Team

It was discovered that OpenCV incorrectly handled certain files. An attaacker could possibly use this issue to cause a denial of service.

Notes

the commit that fixes this issue is the same as the one for
CVE-2019-14491. See: https://github.com/opencv/opencv/pull/15150.
In xenial and earlier, it is necessary to backport the fix
for this CVE. However, changes in the code that have occurred
since the release of versions available in xenial and earlier
cause this backport to be quite intrusive. To backport and
properly apply the patch, it would be necessary to alter
library functions that are exported, meaning that it would be
necessary to alter their interfaces, which could end up
causing regressions in software that uses the opencv library
to operate. It also seems like a backported version of the
patch does not completely fix the vulnerability, with the POC
file causing a similar crash, even after the fix is applied.

Status

Severity score breakdown

References

• https://github.com/opencv/opencv/compare/33b765d...4a7ca5a
• https://github.com/opencv/opencv/compare/371bba8...ddbd10c
• https://github.com/opencv/opencv/issues/15124
• https://ubuntu.com/security/notices/USN-4818-1
• https://www.cve.org/CVERecord?id=CVE-2019-14492
• NVD
• Launchpad
• Debian