CVE-2020-13114

Priority
Description
An issue was discovered in libexif before 0.6.22. An unrestricted size in
handling Canon EXIF MakerNote data could lead to consumption of large
amounts of compute time for decoding EXIF data.
Assigned-to
leosilva
Notes
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):released (0.6.20-2ubuntu0.6)
Ubuntu 14.04 ESM (Trusty Tahr):released (0.6.21-1ubuntu1+esm5)
Ubuntu 16.04 LTS (Xenial Xerus):released (0.6.21-2ubuntu0.5)
Ubuntu 18.04 LTS (Bionic Beaver):released (0.6.21-4ubuntu0.5)
Ubuntu 19.10 (Eoan Ermine):released (0.6.21-5.1ubuntu0.5)
Ubuntu 20.04 LTS (Focal Fossa):released (0.6.21-6ubuntu0.3)
Ubuntu 20.10 (Groovy Gorilla):not-affected (0.6.22-1)
Patches:
Upstream:https://github.com/libexif/libexif/commit/e6a38a1a23ba94d139b1fa2cd4519fdcfe3c9bab (0.6.22)
More Information

Updated: 2020-06-17 11:15:51 UTC (commit 1b19f50e4c6870870f6ea8777f514e7de4795a2b)