CVE-2019-1010301

Priority
Description
jhead 3.03 is affected by: Buffer Overflow. The impact is: Denial of
service. The component is: gpsinfo.c Line 151 ProcessGpsInfo(). The attack
vector is: Open a specially crafted JPEG file.
Ubuntu-Description
It was discovered that jhead did not properly handle certain crafted input. If
a user were tricked into opening a malicious JPEG file, a remote attacker could
cause jhead to crash.
Notes
Package
Source: jhead (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):needed
Ubuntu 18.04 LTS (Bionic Beaver):needed
Ubuntu 20.04 LTS (Focal Fossa):not-affected (1:3.03-2)
Ubuntu 20.10 (Groovy Gorilla):not-affected (1:3.03-2)
More Information

Updated: 2020-09-28 20:17:06 UTC (commit 2cfd58150572cb53bc7d970ca383a66bfd44273c)