{"id":"MGASA-2019-0331","summary":"Updated libexif packages fix security vulnerability","details":"The updated packages fix a security vulnerability:\n\nIn libexif, there is a possible out of bounds write due to an integer\noverflow. This could lead to remote escalation of privilege in the media\ncontent provider with no additional execution privileges needed. User\ninteraction is needed for exploitation. (CVE-2019-9278)\n","modified":"2026-04-16T04:42:17.656139829Z","published":"2019-11-19T21:16:53Z","upstream":["CVE-2019-9278"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2019-0331.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=25674"},{"type":"WEB","url":"https://www.openwall.com/lists/oss-security/2019/11/07/1"}],"affected":[{"package":{"name":"libexif","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/libexif?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.6.21-14.1.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2019-0331.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}