New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CVE-2018-19607: SEGV in Exiv2::isoSpeed at easyaccess.cpp:178 #561
Labels
Comments
|
Confirmed. I could reproduce the issue in my desktop with Ubuntu 18.04 and gcc-7.3. Thanks for reporting! We will try to fix this issue ASAP. |
Merged
piponazo
added a commit
that referenced
this issue
Nov 26, 2018
piponazo
added a commit
that referenced
this issue
Nov 26, 2018
|
@Marsman1996 the issue should be fixed now. Could you please confirm? |
|
This issue has been assigned CVE-2018-19607 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Tested in ubuntu 16.04 64bit, exiv2 (master 3f2e0de && 0.27-RC2)
$ exiv2 $POCPOC file
gdb info:
ASAN info:
Addition: This bug was found with mem-AFL, which is based on AFL. Mem-AFL is developed by Yanhao(unfuzzable123@gmail.com) & Marsman1996(lqliuyuwei@outlook.com)
The text was updated successfully, but these errors were encountered: