USN-4818-1
- Source
- https://ubuntu.com/security/notices/USN-4818-1
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/USN-4818-1.json
- Related
- Published
- 2022-09-28T14:52:46.781826Z
- Modified
- 2022-09-28T14:52:46.781826Z
- Summary
- opencv vulnerabilities
- Details
-
It was discovered that OpenCV did not properly manage certain objects, leading to a divide-by-zero. If a user were tricked into loading a specially crafted file, a remote attacker could potentially use this issue to cause a denial of service or possibly execute arbitrary code. (CVE-2019-15939)
It was discovered that OpenCV did not properly manage certain files, leading to an out of bounds read. If a user were tricked into loading a specially crafted file, a remote attacker could potentially use this issue to make OpenCV crash, resulting in a denial of service. This issue was only fixed in Ubuntu 18.04 ESM. (CVE-2019-14491, CVE-2019-14492)
It was discovered that OpenCV did not properly manage certain XML data, leading to a NULL pointer dereference. If a user were tricked into loading a specially crafted file, a remote attacker could potentially use this issue to make OpenCV crash, resulting in a denial of service. This issue was only fixed in Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2019-14493)
It was discovered that OpenCV did not properly manage certain files, leading to a heap-based buffer overflow. If a user were tricked into loading a specially crafted file, a remote attacker could potentially use this issue to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 ESM. (CVE-2017-18009)
- References
Affected packages
Ubuntu:Pro:14.04:LTS / opencv
Package
- Name
- opencv
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0The exact introduced commit is unknownFixed2.4.8+dfsg1-2ubuntu1.2+esm1
Ecosystem specific
{
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"libopencv-objdetect-dev": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libopencv-calib3d2.4": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libopencv-video-dev": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libopencv-photo2.4": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libopencv-contrib-dev": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libopencv-ts-dev": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libopencv-features2d2.4": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libcvaux2.4": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libcvaux-dev": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libopencv-photo-dev": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libopencv-legacy2.4": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libopencv-contrib2.4": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libopencv-dev": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libopencv-videostab2.4": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libopencv-ocl-dev": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libopencv-ocl2.4": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libopencv2.4-jni": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libopencv-gpu2.4": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libopencv-ts2.4": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libopencv-legacy-dev": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libopencv-imgproc-dev": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"python-opencv": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libopencv-stitching2.4": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libopencv-gpu-dev": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libopencv-core-dev": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libopencv-core2.4": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libopencv-video2.4": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libopencv-superres-dev": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libopencv-imgproc2.4": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libopencv-stitching-dev": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libcv2.4": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libopencv2.4-java": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"opencv-doc": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libopencv-highgui-dev": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libopencv-superres2.4": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libopencv-flann-dev": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libopencv-ml-dev": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libopencv-objdetect2.4": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libopencv-flann2.4": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libopencv-calib3d-dev": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libhighgui-dev": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libhighgui2.4": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libopencv-ml2.4": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"opencv-data": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libopencv-highgui2.4": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libcv-dev": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libopencv-videostab-dev": "2.4.8+dfsg1-2ubuntu1.2+esm1",
"libopencv-features2d-dev": "2.4.8+dfsg1-2ubuntu1.2+esm1"
}
]
}
Ubuntu:Pro:18.04:LTS / opencv
Package
- Name
- opencv
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0The exact introduced commit is unknownFixed3.2.0+dfsg-4ubuntu0.1+esm3
Ecosystem specific
{
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"libopencv-objdetect-dev": "3.2.0+dfsg-4ubuntu0.1+esm3",
"libopencv-video-dev": "3.2.0+dfsg-4ubuntu0.1+esm3",
"libopencv-videostab3.2": "3.2.0+dfsg-4ubuntu0.1+esm3",
"libopencv-contrib-dev": "3.2.0+dfsg-4ubuntu0.1+esm3",
"libopencv-ts-dev": "3.2.0+dfsg-4ubuntu0.1+esm3",
"libopencv-photo3.2": "3.2.0+dfsg-4ubuntu0.1+esm3",
"libopencv-imgcodecs3.2": "3.2.0+dfsg-4ubuntu0.1+esm3",
"libopencv-photo-dev": "3.2.0+dfsg-4ubuntu0.1+esm3",
"libopencv-dev": "3.2.0+dfsg-4ubuntu0.1+esm3",
"libopencv-viz-dev": "3.2.0+dfsg-4ubuntu0.1+esm3",
"libopencv-imgcodecs-dev": "3.2.0+dfsg-4ubuntu0.1+esm3",
"libopencv-shape-dev": "3.2.0+dfsg-4ubuntu0.1+esm3",
"libopencv-viz3.2": "3.2.0+dfsg-4ubuntu0.1+esm3",
"libopencv3.2-jni": "3.2.0+dfsg-4ubuntu0.1+esm3",
"libopencv-imgproc-dev": "3.2.0+dfsg-4ubuntu0.1+esm3",
"python-opencv": "3.2.0+dfsg-4ubuntu0.1+esm3",
"libopencv-core3.2": "3.2.0+dfsg-4ubuntu0.1+esm3",
"libopencv-core-dev": "3.2.0+dfsg-4ubuntu0.1+esm3",
"libopencv-ml3.2": "3.2.0+dfsg-4ubuntu0.1+esm3",
"libopencv-imgproc3.2": "3.2.0+dfsg-4ubuntu0.1+esm3",
"libopencv3.2-java": "3.2.0+dfsg-4ubuntu0.1+esm3",
"libopencv-shape3.2": "3.2.0+dfsg-4ubuntu0.1+esm3",
"libopencv-stitching-dev": "3.2.0+dfsg-4ubuntu0.1+esm3",
"libopencv-video3.2": "3.2.0+dfsg-4ubuntu0.1+esm3",
"libopencv-videoio3.2": "3.2.0+dfsg-4ubuntu0.1+esm3",
"opencv-doc": "3.2.0+dfsg-4ubuntu0.1+esm3",
"libopencv-stitching3.2": "3.2.0+dfsg-4ubuntu0.1+esm3",
"libopencv-highgui3.2": "3.2.0+dfsg-4ubuntu0.1+esm3",
"libopencv-flann-dev": "3.2.0+dfsg-4ubuntu0.1+esm3",
"libopencv-ml-dev": "3.2.0+dfsg-4ubuntu0.1+esm3",
"libopencv-highgui-dev": "3.2.0+dfsg-4ubuntu0.1+esm3",
"opencv-data": "3.2.0+dfsg-4ubuntu0.1+esm3",
"libopencv-calib3d-dev": "3.2.0+dfsg-4ubuntu0.1+esm3",
"libopencv-objdetect3.2": "3.2.0+dfsg-4ubuntu0.1+esm3",
"libopencv-videoio-dev": "3.2.0+dfsg-4ubuntu0.1+esm3",
"libopencv-flann3.2": "3.2.0+dfsg-4ubuntu0.1+esm3",
"libopencv-superres-dev": "3.2.0+dfsg-4ubuntu0.1+esm3",
"libopencv-contrib3.2": "3.2.0+dfsg-4ubuntu0.1+esm3",
"libopencv-calib3d3.2": "3.2.0+dfsg-4ubuntu0.1+esm3",
"libopencv-features2d3.2": "3.2.0+dfsg-4ubuntu0.1+esm3",
"python3-opencv": "3.2.0+dfsg-4ubuntu0.1+esm3",
"libopencv-videostab-dev": "3.2.0+dfsg-4ubuntu0.1+esm3",
"libopencv-superres3.2": "3.2.0+dfsg-4ubuntu0.1+esm3",
"libopencv-features2d-dev": "3.2.0+dfsg-4ubuntu0.1+esm3"
}
]
}
Ubuntu:Pro:16.04:LTS / opencv
Package
- Name
- opencv
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0The exact introduced commit is unknownFixed2.4.9.1+dfsg-1.5ubuntu1.1+esm1
Ecosystem specific
{
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"libopencv-contrib2.4v5": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libcvaux2.4": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libopencv-video-dev": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libopencv-video2.4v5": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libopencv-contrib-dev": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libopencv-ts-dev": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libopencv-objdetect-dev": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libopencv-calib3d2.4v5": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libopencv-core2.4v5": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libopencv-photo2.4v5": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libopencv-features2d2.4v5": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libcvaux-dev": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libopencv-photo-dev": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libopencv-dev": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libopencv-legacy2.4v5": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libopencv-imgproc2.4v5": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libopencv-videostab2.4v5": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libopencv-ocl-dev": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libopencv-objdetect2.4v5": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libopencv2.4-jni": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libopencv-legacy-dev": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libopencv-imgproc-dev": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"python-opencv": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libopencv-gpu-dev": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libopencv-core-dev": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libopencv-highgui2.4v5": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libopencv-superres-dev": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libopencv-ml2.4v5": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libopencv-stitching-dev": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libcv2.4": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libopencv2.4-java": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"opencv-doc": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libopencv-highgui-dev": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libopencv-flann-dev": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libopencv-ml-dev": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libopencv-ts2.4v5": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"opencv-data": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libopencv-calib3d-dev": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libhighgui2.4": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libhighgui-dev": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libopencv-flann2.4v5": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libopencv-gpu2.4v5": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libopencv-superres2.4v5": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libopencv-ocl2.4v5": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libcv-dev": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libopencv-videostab-dev": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libopencv-stitching2.4v5": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1",
"libopencv-features2d-dev": "2.4.9.1+dfsg-1.5ubuntu1.1+esm1"
}
]
}