CVE-2020-6625

CVE-2020-6625

EPSS 1.4%

jhead through 3.04 has a heap-based buffer over-read in Get32s when called from ProcessGpsInfo in gpsinfo.c.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://bugs.gentoo.org/711220#c3 https://bugs.gentoo.org/876247#c0 https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/1858746 https://security.gentoo.org/glsa/202007-17