PT-2019-6436 · Intel+3 · Opencv+3

Butterfly

Publicado

2019-07-23

Atualizado

2024-06-15

CVE-2019-14491

CVSS v3.1

8.2

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Name of the Vulnerable Software and Affected Versions OpenCV versions prior to 3.4.7 OpenCV versions 4.x prior to 4.1.1

Description The issue is related to an out of bounds read in the cv::predictOrdered<cv::HaarEvaluator> function in modules/objdetect/src/cascadedetect.hpp. This can lead to denial of service and potentially allow a remote attacker to access confidential data.

Recommendations For OpenCV versions prior to 3.4.7, update to version 3.4.7 or later. For OpenCV versions 4.x prior to 4.1.1, update to version 4.1.1 or later. As a temporary workaround, consider disabling the cv::predictOrdered<cv::HaarEvaluator> function until a patch is available.

Exploit

Correção

DoS

Out of bounds Read

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-125

Identificadores relacionados

BDU:2024-06972

CVE-2019-14491

GHSA-FM39-CW8H-3P63

MGASA-2020-0030

OPENSUSE-SU-2019:2671-1

OPENSUSE-SU-2019_2671-1

OPENSUSE-SU-2024:11115-1

OPENSUSE-SU-2024:11116-1

SUSE-SU-2019:3192-1

SUSE-SU-2019:3192-2

SUSE-SU-2019_3192-1

SUSE-SU-2019_3192-2

USN-4818-1

Produtos afetados

Astra Linux

Opencv

Suse

Ubuntu

PT-2019-6436 · Intel+3 · Opencv+3

CVE-2019-14491

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 45