An issue was discovered in Exiv2 0.27. There is infinite recursion at BigTiffImage::printIFD in the file bigtiffimage.cpp. This can be triggered by a crafted file. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | exiv2 | < 0.27.2-8 | exiv2_0.27.2-8_all.deb |
Debian | 11 | all | exiv2 | < 0.27.2-8 | exiv2_0.27.2-8_all.deb |
Debian | 10 | all | exiv2 | < 0.25-4+deb10u2 | exiv2_0.25-4+deb10u2_all.deb |
Debian | 999 | all | exiv2 | < 0.27.2-8 | exiv2_0.27.2-8_all.deb |
Debian | 13 | all | exiv2 | < 0.27.2-8 | exiv2_0.27.2-8_all.deb |