CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:N/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
81.1%
USN-5497-1 fixed vulnerabilities in Libjpeg6b. This update provides
the corresponding updates for Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that Libjpeg6b was not properly performing bounds
checks when compressing PPM and Targa image files. An attacker could
possibly use this issue to cause a denial of service.
(CVE-2018-11212)
Chijin Zhou discovered that Libjpeg6b was incorrectly handling the
EOF character in input data when generating JPEG files. An attacker
could possibly use this issue to force the execution of a large loop,
force excessive memory consumption, and cause a denial of service.
(CVE-2018-11813)
Sheng Shu and Dongdong She discovered that Libjpeg6b was not properly
limiting the amount of memory being used when it was performing
decompression or multi-pass compression operations. An attacker could
possibly use this issue to force excessive memory consumption and
cause a denial of service. (CVE-2020-14152)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 16.04 | noarch | libjpeg62 | < 1:6b2-2ubuntu0.1~esm1 | UNKNOWN |
Ubuntu | 16.04 | noarch | libjpeg62 | < 1:6b2-2 | UNKNOWN |
Ubuntu | 16.04 | noarch | libjpeg62-dbg | < 1:6b2-2 | UNKNOWN |
Ubuntu | 16.04 | noarch | libjpeg62-dbgsym | < 1:6b2-2 | UNKNOWN |
Ubuntu | 16.04 | noarch | libjpeg62-dev | < 1:6b2-2 | UNKNOWN |
Ubuntu | 16.04 | noarch | libjpeg62-dev-dbgsym | < 1:6b2-2 | UNKNOWN |
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:N/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
81.1%