<html>
<head>
<base href="https://bugzilla.rosalinux.ru/">
</head>
<body><table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Platform</th>
<td>2021.1
</td>
</tr>
<tr>
<th>Bug ID</th>
<td><a class="bz_bug_link
bz_status_CONFIRMED "
title="CONFIRMED - [CVE 21] openexr 2.5.5 CVEs found"
href="https://bugzilla.rosalinux.ru/show_bug.cgi?id=13286">13286</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>[CVE 21] openexr 2.5.5 CVEs found
</td>
</tr>
<tr>
<th>Classification</th>
<td>ROSA-based products
</td>
</tr>
<tr>
<th>Product</th>
<td>ROSA Fresh
</td>
</tr>
<tr>
<th>Version</th>
<td>All
</td>
</tr>
<tr>
<th>Hardware</th>
<td>All
</td>
</tr>
<tr>
<th>URL</th>
<td>CVE-2021-23169, CVE-2021-23215, CVE-2021-26260, CVE-2021-26945, CVE-2021-3474, CVE-2021-3475, CVE-2021-3476, CVE-2021-3477, CVE-2021-3478, CVE-2021-3479, CVE-2021-3598, CVE-2021-3605, CVE-2021-3933,
</td>
</tr>
<tr>
<th>OS</th>
<td>Linux
</td>
</tr>
<tr>
<th>Status</th>
<td>CONFIRMED
</td>
</tr>
<tr>
<th>Severity</th>
<td>normal
</td>
</tr>
<tr>
<th>Priority</th>
<td>Normal
</td>
</tr>
<tr>
<th>Component</th>
<td>System (kernel, glibc, systemd, bash, PAM...)
</td>
</tr>
<tr>
<th>Assignee</th>
<td>bugs@lists.rosalinux.ru
</td>
</tr>
<tr>
<th>Reporter</th>
<td>y.tumanov@rosalinux.ru
</td>
</tr>
<tr>
<th>QA Contact</th>
<td>bugs@lists.rosalinux.ru
</td>
</tr>
<tr>
<th>CC</th>
<td>s.matveev@rosalinux.ru, y.tumanov@rosalinux.ru
</td>
</tr>
<tr>
<th>Target Milestone</th>
<td>---
</td>
</tr>
<tr>
<th>Flags</th>
<td>secteam_verified?
</td>
</tr></table>
<p>
<div>
<pre>Please patch CVEs for package openexr version 2.5.5
INFO (CVEs are): openexr 2.5.5
cves found
CVE-2021-23169
Desc: A heap-buffer overflow was found in the copyIntoFrameBuffer function of
OpenEXR in versions before 3.0.1. An attacker could use this flaw to execute
arbitrary code with the permissions of the user running the application
compiled against OpenEXR.
Link: <a href="https://nvd.nist.gov/vuln/detail/CVE-2021-23169">https://nvd.nist.gov/vuln/detail/CVE-2021-23169</a>
Severity: HIGH
CVE-2021-23215
Desc: An integer overflow leading to a heap-buffer overflow was found in the
DwaCompressor of OpenEXR in versions before 3.0.1. An attacker could use this
flaw to crash an application compiled with OpenEXR.
Link: <a href="https://nvd.nist.gov/vuln/detail/CVE-2021-23215">https://nvd.nist.gov/vuln/detail/CVE-2021-23215</a>
Severity: MEDIUM
CVE-2021-26260
Desc: An integer overflow leading to a heap-buffer overflow was found in the
DwaCompressor of OpenEXR in versions before 3.0.1. An attacker could use this
flaw to crash an application compiled with OpenEXR. This is a different flaw
from CVE-2021-23215.
Link: <a href="https://nvd.nist.gov/vuln/detail/CVE-2021-26260">https://nvd.nist.gov/vuln/detail/CVE-2021-26260</a>
Severity: MEDIUM
CVE-2021-26945
Desc: An integer overflow leading to a heap-buffer overflow was found in
OpenEXR in versions before 3.0.1. An attacker could use this flaw to crash an
application compiled with OpenEXR.
Link: <a href="https://nvd.nist.gov/vuln/detail/CVE-2021-26945">https://nvd.nist.gov/vuln/detail/CVE-2021-26945</a>
Severity: MEDIUM
CVE-2021-3474
Desc: There's a flaw in OpenEXR in versions before 3.0.0-beta. A crafted input
file that is processed by OpenEXR could cause a shift overflow in the
FastHufDecoder, potentially leading to problems with application availability.
Link: <a href="https://nvd.nist.gov/vuln/detail/CVE-2021-3474">https://nvd.nist.gov/vuln/detail/CVE-2021-3474</a>
Severity: MEDIUM
CVE-2021-3475
Desc: There is a flaw in OpenEXR in versions before 3.0.0-beta. An attacker who
can submit a crafted file to be processed by OpenEXR could cause an integer
overflow, potentially leading to problems with application availability.
Link: <a href="https://nvd.nist.gov/vuln/detail/CVE-2021-3475">https://nvd.nist.gov/vuln/detail/CVE-2021-3475</a>
Severity: MEDIUM
CVE-2021-3476
Desc: A flaw was found in OpenEXR's B44 uncompression functionality in versions
before 3.0.0-beta. An attacker who is able to submit a crafted file to OpenEXR
could trigger shift overflows, potentially affecting application availability.
Link: <a href="https://nvd.nist.gov/vuln/detail/CVE-2021-3476">https://nvd.nist.gov/vuln/detail/CVE-2021-3476</a>
Severity: MEDIUM
CVE-2021-3477
Desc: There's a flaw in OpenEXR's deep tile sample size calculations in
versions before 3.0.0-beta. An attacker who is able to submit a crafted file to
be processed by OpenEXR could trigger an integer overflow, subsequently leading
to an out-of-bounds read. The greatest risk of this flaw is to application
availability.
Link: <a href="https://nvd.nist.gov/vuln/detail/CVE-2021-3477">https://nvd.nist.gov/vuln/detail/CVE-2021-3477</a>
Severity: MEDIUM
CVE-2021-3478
Desc: There's a flaw in OpenEXR's scanline input file functionality in versions
before 3.0.0-beta. An attacker able to submit a crafted file to be processed by
OpenEXR could consume excessive system memory. The greatest impact of this flaw
is to system availability.
Link: <a href="https://nvd.nist.gov/vuln/detail/CVE-2021-3478">https://nvd.nist.gov/vuln/detail/CVE-2021-3478</a>
Severity: MEDIUM
CVE-2021-3479
Desc: There's a flaw in OpenEXR's Scanline API functionality in versions before
3.0.0-beta. An attacker who is able to submit a crafted file to be processed by
OpenEXR could trigger excessive consumption of memory, resulting in an impact
to system availability.
Link: <a href="https://nvd.nist.gov/vuln/detail/CVE-2021-3479">https://nvd.nist.gov/vuln/detail/CVE-2021-3479</a>
Severity: MEDIUM
CVE-2021-3598
Desc: There's a flaw in OpenEXR's ImfDeepScanLineInputFile functionality in
versions prior to 3.0.5. An attacker who is able to submit a crafted file to an
application linked with OpenEXR could cause an out-of-bounds read. The greatest
risk from this flaw is to application availability.
Link: <a href="https://nvd.nist.gov/vuln/detail/CVE-2021-3598">https://nvd.nist.gov/vuln/detail/CVE-2021-3598</a>
Severity: MEDIUM
CVE-2021-3605
Desc: There's a flaw in OpenEXR's rleUncompress functionality in versions prior
to 3.0.5. An attacker who is able to submit a crafted file to an application
linked with OpenEXR could cause an out-of-bounds read. The greatest risk from
this flaw is to application availability.
Link: <a href="https://nvd.nist.gov/vuln/detail/CVE-2021-3605">https://nvd.nist.gov/vuln/detail/CVE-2021-3605</a>
Severity: MEDIUM
CVE-2021-3933
Desc: An integer overflow could occur when OpenEXR processes a crafted file on
systems where size_t < 64 bits. This could cause an invalid bytesPerLine and
maxBytesPerLine value, which could lead to problems with application stability
or lead to other attack paths.
Link: <a href="https://nvd.nist.gov/vuln/detail/CVE-2021-3933">https://nvd.nist.gov/vuln/detail/CVE-2021-3933</a>
Severity: MEDIUM</pre>
</div>
</p>
<hr>
<span>You are receiving this mail because:</span>
<ul>
<li>You are the QA Contact for the bug.</li>
<li>You are the assignee for the bug.</li>
</ul>
</body>
</html>