- Vulnerability/
- USN-4396-1
USN-4396-1: libexif vulnerabilities
First published: Tue Jun 16 2020(Updated: )
It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. (CVE-2020-0093, CVE-2020-0182) It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to cause a remote denial of service. (CVE-2020-0198) It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information or cause a crash. (CVE-2020-13112) It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash. (CVE-2020-13113) It was discovered libexif incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-13114)
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/libexif12 | <0.6.21-6ubuntu0.3 | 0.6.21-6ubuntu0.3 |
| =20.04 | ||
| All of | ||
| ubuntu/libexif12 | <0.6.21-5.1ubuntu0.5 | 0.6.21-5.1ubuntu0.5 |
| =19.10 | ||
| All of | ||
| ubuntu/libexif12 | <0.6.21-4ubuntu0.5 | 0.6.21-4ubuntu0.5 |
| =18.04 | ||
| All of | ||
| ubuntu/libexif12 | <0.6.21-2ubuntu0.5 | 0.6.21-2ubuntu0.5 |
| =16.04 | ||
| All of | ||
| ubuntu/libexif12 | <0.6.21-1ubuntu1+esm5 | 0.6.21-1ubuntu1+esm5 |
| =14.04 | ||
| All of | ||
| ubuntu/libexif12 | <0.6.20-2ubuntu0.6 | 0.6.20-2ubuntu0.6 |
| =12.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://ubuntu.com/security/CVE-2020-0093
- https://ubuntu.com/security/CVE-2020-0182
- https://ubuntu.com/security/CVE-2020-0198
- https://ubuntu.com/security/CVE-2020-13112
- https://ubuntu.com/security/CVE-2020-13113
- https://ubuntu.com/security/CVE-2020-13114
- https://launchpad.net/ubuntu/+source/libexif/0.6.21-6ubuntu0.3
- https://launchpad.net/ubuntu/+source/libexif/0.6.21-5.1ubuntu0.5
- https://launchpad.net/ubuntu/+source/libexif/0.6.21-4ubuntu0.5
- https://launchpad.net/ubuntu/+source/libexif/0.6.21-2ubuntu0.5
- https://launchpad.net/ubuntu/+source/libexif/0.6.20-2ubuntu0.6
- https://ubuntu.com/security/notices/USN-4396-1 (Advisory)
Child vulnerabilities
(Contains the following vulnerabilities)
Frequently Asked Questions
What is the severity of USN-4396-1?
The severity of USN-4396-1 is not specified.
How does libexif handle certain inputs?
Libexif incorrectly handles certain inputs.
What is the potential impact of the vulnerability?
An attacker could possibly use this issue to expose sensitive information.
How do I fix the libexif vulnerability in Ubuntu 20.04?
To fix the libexif vulnerability in Ubuntu 20.04, update the libexif12 package to version 0.6.21-6ubuntu0.3 or later.
Where can I find more information about the libexif vulnerabilities?
You can find more information about the libexif vulnerabilities on the Ubuntu Security Notices website.
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/title
- agent/type
- collector/usn
- source/Ubuntu
- agent/software-canonical-lookup
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu ubuntu
- version/ubuntu ubuntu/20.04
- version/ubuntu ubuntu/19.10
- version/ubuntu ubuntu/18.04
- version/ubuntu ubuntu/16.04
- version/ubuntu ubuntu/14.04
- version/ubuntu ubuntu/12.04