Buffer Overflow Vulnerability in jhead by Matthias Wandel
CVE-2021-34055

7.8HIGH

Key Information:

Vendor

Jhead Project

Status
Jhead
Vendor
CVE Published:
4 November 2022

What is CVE-2021-34055?

The software jhead version 3.06 is susceptible to a buffer overflow issue caused by improper handling of user input in the function Put16u located in exif.c. This vulnerability could allow an attacker to execute arbitrary code or crash the application, compromising system integrity. It is crucial for users of jhead to upgrade to the latest version to mitigate any potential exploitation risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://github.com/Matthias-Wandel/jhead/issues/36
https://lists.debian.org/debian-lts-announce/2022/12/msg0...
mailing-list
https://www.debian.org/security/2022/dsa-5294
vendor-advisory

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.