Vulnerability Name:

CVE-2021-32617 (CCN-203119)

Assigned:2021-05-16
Published:2021-05-16
Updated:2022-05-13
Summary:Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An inefficient algorithm (quadratic complexity) was found in Exiv2 versions v0.27.3 and earlier. The inefficient algorithm is triggered when Exiv2 is used to write metadata into a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. The bug is fixed in version v0.27.4. Note that this bug is only triggered when _writing_ the metadata, which is a less frequently used Exiv2 operation than _reading_ the metadata. For example, to trigger the bug in the Exiv2 command-line application, you need to add an extra command-line argument such as `rm`.
CVSS v3 Severity:5.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
4.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
3.3 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
2.9 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
6.2 Medium (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
5.4 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
CVSS v2 Severity:4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
1.7 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-400
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2021-32617

Source: XF
Type: UNKNOWN
exiv2-cve202132617-dos(203119)

Source: MISC
Type: Patch, Third Party Advisory
https://github.com/Exiv2/exiv2/pull/1657

Source: CCN
Type: Exiv2 GIT Repository
Denial of service due to quadratic complexity in ProcessUTF8Portion

Source: CONFIRM
Type: Patch, Third Party Advisory
https://github.com/Exiv2/exiv2/security/advisories/GHSA-w8mv-g8qq-36mj

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-d1d5a0bf0f

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-8253c78bd7

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-bdba47348c

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-8917c5d9d2

Vulnerable Configuration:Configuration 1:
  • cpe:/a:exiv2:exiv2:*:*:*:*:*:*:*:* (Version < 0.27.4)

    • Configuration 2:
  • cpe:/o:fedoraproject:fedora:33:*:*:*:*:*:*:*
  • OR cpe:/o:fedoraproject:fedora:34:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/a:redhat:enterprise_linux:8::crb:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:exiv2:exiv2:0.27.3:-:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:7930
    P
    		libexiv2-27-0.27.5-150400.15.4.1 on GA media (Moderate)
    2023-06-12
    oval:org.opensuse.security:def:630
    P
    		Security update for exiv2 (Important) (in QA)
    2022-09-29
    oval:com.redhat.rhsa:def:20214173
    P
    		RHSA-2021:4173: exiv2 security, bug fix, and enhancement update (Moderate)
    2021-11-09
    BACK
    exiv2 exiv2 *
    fedoraproject fedora 33
    fedoraproject fedora 34
    exiv2 exiv2 0.27.3 -