CVE-2016-6328 : A vulnerability was found in libexif. An integer overflow when parsing the MNOTE entry data of the input file. This can

A vulnerability was found in libexif. An integer overflow when parsing the MNOTE entry data of the input file. This can cause Denial-of-Service (DoS) and Information Disclosure (disclosing some critical heap chunk metadata, even other applications' private data).

Published 2018-10-31 22:29:00

Updated 2023-02-12 23:25:05

Source Red Hat, Inc.

View at NVD, CVE.org

Vulnerability category: OverflowDenial of serviceInformation leak

Exploit prediction scoring system (EPSS) score for CVE-2016-6328

Probability of exploitation activity in the next 30 days: 0.27%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 67 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2016-6328

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:N/A:P	8.6	4.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: Partial
6.1	MEDIUM	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L	1.8	4.2	Red Hat, Inc.
Attack Vector: Local Attack Complexity: Low Privileges Required: None User Interaction: Required Scope: Unchanged Confidentiality: High Integrity: None Availability: Low
8.1	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H	2.8	5.2	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: Required Scope: Unchanged Confidentiality: High Integrity: None Availability: High

CWE ids for CVE-2016-6328

CWE-190 Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control.
Assigned by:
- nvd@nist.gov (Secondary)
- secalert@redhat.com (Primary)

References for CVE-2016-6328

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-6328

1366239 – (CVE-2016-6328) CVE-2016-6328 libexif: Integer overflow in parsing MNOTE entry data of the input file
Issue Tracking;Patch;Third Party Advisory
https://lists.debian.org/debian-lts-announce/2020/05/msg00016.html

[SECURITY] [DLA 2214-1] libexif security update
Mailing List;Third Party Advisory

CVEs referencing this url
https://security.gentoo.org/glsa/202007-05

libexif: Multiple vulnerabilities (GLSA 202007-05) — Gentoo security
Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00017.html

[security-announce] openSUSE-SU-2020:0793-1: moderate: Security update f
Mailing List;Third Party Advisory

CVEs referencing this url
https://usn.ubuntu.com/4277-1/

USN-4277-1: libexif vulnerabilities | Ubuntu security notices
Third Party Advisory

CVEs referencing this url

Products affected by CVE-2016-6328

Debian » Debian Linux » Version: 8.0
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 12.04
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 14.04 ESM Edition
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 18.04 LTS Edition
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 19.10
cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 16.04 ESM Edition
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
Matching versions
Libexif Project » Libexif
Versions before (<) 0.6.22
cpe:2.3:a:libexif_project:libexif:*:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2016-6328

Exploit prediction scoring system (EPSS) score for CVE-2016-6328

CVSS scores for CVE-2016-6328

CWE ids for CVE-2016-6328

References for CVE-2016-6328

Products affected by CVE-2016-6328