Vulnerability Name:

CVE-2021-34335 (CCN-207132)

Assigned:2021-08-07
Published:2021-08-07
Updated:2021-09-21
Summary:Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A floating point exception (FPE) due to an integer divide by zero was found in Exiv2 versions v0.27.4 and earlier. The FPE is triggered when Exiv2 is used to print the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when printing the interpreted (translated) data, which is a less frequently used Exiv2 operation that requires an extra command line option (`-p t` or `-P t`). The bug is fixed in version v0.27.5.
CVSS v3 Severity:5.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
4.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
5.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
4.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
CVSS v2 Severity:4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
4.6 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:N/I:N/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
Vulnerability Type:CWE-369
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2021-34335

Source: XF
Type: UNKNOWN
exiv2-cve202134335-dos(207132)

Source: MISC
Type: Patch, Third Party Advisory
https://github.com/Exiv2/exiv2/pull/1750

Source: CCN
Type: Exiv2 GIT Repository
Denial of service due to FPE in Exiv2::Internal::resolveLens0xffff

Source: CONFIRM
Type: Third Party Advisory
https://github.com/Exiv2/exiv2/security/advisories/GHSA-pvjp-m4f6-q984

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-399f869889

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-cbaef8e2d5

Vulnerable Configuration:Configuration 1:
  • cpe:/a:exiv2:exiv2:*:*:*:*:*:*:*:* (Version <= 0.27.4)

    • Configuration 2:
  • cpe:/o:fedoraproject:fedora:33:*:*:*:*:*:*:*
  • OR cpe:/o:fedoraproject:fedora:34:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:exiv2:exiv2:0.27.1:*:*:*:*:*:*:*
  • OR cpe:/a:exiv2:exiv2:0.27.2:*:*:*:*:*:*:*
  • OR cpe:/a:exiv2:exiv2:0.27.4:rc1:*:*:*:*:*:*
  • OR cpe:/a:exiv2:exiv2:0.27.3:-:*:*:*:*:*:*
  • OR cpe:/a:exiv2:exiv2:0.27.4:rc1:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    exiv2 exiv2 *
    fedoraproject fedora 33
    fedoraproject fedora 34
    exiv2 exiv2 0.27.1
    exiv2 exiv2 0.27.2
    exiv2 exiv2 0.27.4 rc1
    exiv2 exiv2 0.27.3 -
    exiv2 exiv2 0.27.4 rc1