Bug 54009 - opencv: Multiple issues (4.4)
opencv: Multiple issues (4.4)
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Security updates
UCS 4.4
All Linux
: P3 normal (vote)
: UCS 4.4-8-errata
Assigned To: Quality Assurance
Philipp Hahn
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2021-11-01 12:22 CET by Quality Assurance
Modified: 2021-11-03 16:43 CET (History)
0 users

See Also:
What kind of report is it?: Security Issue
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Quality Assurance univentionstaff 2021-11-01 12:22:45 CET
New Debian opencv 2.4.9.1+dfsg1-2+deb9u1 fixes:
This update addresses the following issues:
* Double free vulnerability on crafted image (CVE-2016-1516)
* out-of-bounds write error in the function FillColorRow1 (CVE-2017-12597)
* out-of-bounds read error in the cv::RBaseStream::readBlock function  (CVE-2017-12598)
* out-of-bounds read error in the function icvCvt_BGRA2BGR_8u_C4C3R  (CVE-2017-12599)
* buffer overflow in the cv::BmpDecoder::readData function (CVE-2017-12601)
* invalid write in the cv::RLByteStream::getBytes function (CVE-2017-12603)
* out-of-bounds write error in the function FillUniColor (CVE-2017-12604)
* out-of-bounds write error in the function FillColorRow8 (CVE-2017-12605)
* out-of-bounds write error in the function FillColorRow4 (CVE-2017-12606)
* Heap-based buffer over-write in modules/imgcodecs/src/grfmt_pxm.cpp  (CVE-2017-12862)
* Integer overflow in PxMDecoder::readData function in  imgcodecs/src/grfmt_pxm.cpp (CVE-2017-12863)
* Integer overflow in ReadNumber function in  opencv/modules/imgcodecs/src/grfmt_pxm.cpp (CVE-2017-12864)
* Buffer Overflow in the cv::PxMDecoder::readData function in grfmt_pxm.cpp  (CVE-2017-17760)
* out of bounds write in functions FillUniColor and FillUniGray in  opencv/modules/imgcodecs/src/utils.cpp (CVE-2017-1000450)
* Heap-based buffer overflow in cv::Jpeg2KDecoder::readComponent8u  (CVE-2018-5268)
* Assertion failure due to incorrect integer cast (CVE-2018-5269)
* NULL pointer dereference in function cv::XMLParser::parse() in  persistence_xml.cpp leading to DoS (CVE-2019-14493)
* division by zero in cv::HOGDescriptor::getDescriptorSize in  modules/objdetect/src/hog.cpp (CVE-2019-15939)
Comment 1 Quality Assurance univentionstaff 2021-11-01 13:01:00 CET
--- mirror/ftp/4.3/unmaintained/4.3-0/source/opencv_2.4.9.1+dfsg1-2.dsc
+++ apt/ucs_4.4-0-errata4.4-8/source/opencv_2.4.9.1+dfsg1-2+deb9u1.dsc
@@ -1,3 +1,16 @@
+2.4.9.1+dfsg1-2+deb9u1 [Fri, 29 Oct 2021 23:02:09 +0200] Markus Koschany <apo@debian.org>:
+
+  * Non-maintainer upload by the LTS team.
+  * Fix CVE-2016-1516, CVE-2017-12597, CVE-2017-12598,CVE-2017-12599,
+    CVE-2017-12601, CVE-2017-12603, CVE-2017-12604, CVE-2017-12605,
+    CVE-2017-12606, CVE-2017-12862, CVE-2017-12863, CVE-2017-12864,
+    CVE-2017-17760, CVE-2017-1000450, CVE-2018-5268, CVE-2018-5269,
+    CVE-2019-14493 and CVE-2019-15939.
+  * Several security vulnerabilities have been discovered in OpenCV, the Open
+    Computer Vision Library. Buffer overflows, NULL pointer dereferences and
+    out-of-bounds write error may lead to a denial-of-service or other
+    unspecified impact.
+
 2.4.9.1+dfsg1-2 [Mon, 03 Apr 2017 18:28:26 +0200] Mattia Rizzolo <mattia@debian.org>:
 
   * Team upload.

<http://piuparts.knut.univention.de/4.4-8/#8858042785928967388>
Comment 2 Philipp Hahn univentionstaff 2021-11-03 10:12:45 CET
OK: yaml
OK: announce_errata
OK: patch
OK: piuparts