suse · CVE-2017-7544

Quick triage

Priority: low Published: 2021-05-30 13:54:52 UTC Updated: 2026-04-18 09:08:07 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2017-7544 severity low: SUSE including 28 source package names (libexif-0.6.17-2.14.3.1, libexif-32bit-0.6.17-2.14.3.1, …), 116 product×package rows across 64 product lines (HPE Helion OpenStack 8, SUSE Enterprise Storage 5, … (64 product lines)): Fixed 116.

Description:

libexif through 0.6.21 is vulnerable to out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c caused by improper length computation of the allocated data of an ExifMnote entry which can cause denial-of-service or possibly information disclosure.

cvelogic Threat Intelligence