Lucene search

GoogleOSV:ASB-A-194342672

HistoryFeb 01, 2022 - 12:00 a.m.

[libexif] Vulnerability: 2 vulnerabilities

2022-02-0100:00:00

Google

osv.dev

6.9 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.5%

JSON

In exif_entry_get_value of exif-entry.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CPENameOperatorVersion
:unknown:eq11
:unknown:eq10

CPE	Name	Operator	Version
	:unknown:	eq	11
	:unknown:	eq	10

References

source.android.com/security/bulletin/2022-02-01