CVE-2019-14491
Published: 1 August 2019
An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. There is an out of bounds read in the function cv::predictOrdered<cv::HaarEvaluator> in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service.
From the Ubuntu Security Team
It was discovered that OpenCV incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service.
Notes
Author | Note |
---|---|
ccdm94 | in xenial and earlier, it is necessary to backport the fix for this CVE. However, changes in the code that have occurred since the release of versions available in xenial and earlier cause this backport to be quite intrusive. To backport and properly apply the patch, it would be necessary to alter library functions that are exported, meaning that it would be necessary to alter their interfaces, which could end up causing regressions in software that uses the opencv library to operate. It also seems like a backported version of the patch does not completely fix the vulnerability, with the POC file causing a similar crash, even after the fix is applied. |
Priority
Status
Package | Release | Status |
---|---|---|
opencv Launchpad, Ubuntu, Debian |
disco |
Ignored
(end of life)
|
upstream |
Released
(3.4.7)
|
|
hirsute |
Not vulnerable
(4.2.0+dfsg-5)
|
|
kinetic |
Not vulnerable
(4.6.0+dfsg-4)
|
|
bionic |
Released
(3.2.0+dfsg-4ubuntu0.1+esm2)
Available with Ubuntu Pro |
|
eoan |
Ignored
(end of life)
|
|
focal |
Not vulnerable
(4.2.0+dfsg-5)
|
|
groovy |
Not vulnerable
(4.2.0+dfsg-5)
|
|
impish |
Not vulnerable
(4.2.0+dfsg-5)
|
|
jammy |
Not vulnerable
(4.5.4+dfsg-9ubuntu4)
|
|
lunar |
Not vulnerable
(4.6.0+dfsg-4)
|
|
trusty |
Ignored
(see notes)
|
|
xenial |
Ignored
(see notes)
|
|
Patches: upstream: https://github.com/opencv/opencv/commit/321c74ccd6077bdea1d47450ca4fe955cb5b6330 |
Severity score breakdown
Parameter | Value |
---|---|
Base score | 8.2 |
Attack vector | Network |
Attack complexity | Low |
Privileges required | None |
User interaction | None |
Scope | Unchanged |
Confidentiality | Low |
Integrity impact | None |
Availability impact | High |
Vector | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H |