CVE-2016-3822 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2016-3822 Interim 1 20 2025-04-22T23:46:12Z current 2021-05-30T13:40:59Z 2025-04-22T23:46:12Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2016-3822 exif.c in Matthias Wandel jhead 2.87, as used in libjhead in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01, allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds access) via crafted EXIF data, aka internal bug 28868315. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/V67MQXLUSFLFSIKBUYVHEYJKQUWWZYC3/#V67MQXLUSFLFSIKBUYVHEYJKQUWWZYC3 E-Mail link for openSUSE-SU-2018:2827-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/JPTEPBJVJFSKKHSTZER2JVIMRP7MGN2C/ E-Mail link for openSUSE-SU-2021:0743-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3GBTHCPCHWJ3JG5IDEDAYSW5LVUEVXYH/ E-Mail link for openSUSE-SU-2021:0752-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Package Hub 15 SUSE Package Hub 15 SP2 openSUSE Leap 15.0 openSUSE Leap 15.2 openSUSE Tumbleweed jhead-3.00-bp150.3.3.1 jhead-3.00-lp150.3.3.1 jhead-3.06.0.1-1.3 jhead-3.06.0.1-bp152.4.6.1 jhead-3.06.0.1-lp152.7.6.1 jhead-3.00-bp150.3.3.1 as a component of SUSE Package Hub 15 jhead-3.06.0.1-bp152.4.6.1 as a component of SUSE Package Hub 15 SP2 jhead-3.00-lp150.3.3.1 as a component of openSUSE Leap 15.0 jhead-3.06.0.1-lp152.7.6.1 as a component of openSUSE Leap 15.2 jhead-3.06.0.1-1.3 as a component of openSUSE Tumbleweed exif.c in Matthias Wandel jhead 2.87, as used in libjhead in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01, allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds access) via crafted EXIF data, aka internal bug 28868315. CVE-2016-3822 SUSE Package Hub 15:jhead-3.00-bp150.3.3.1 SUSE Package Hub 15 SP2:jhead-3.06.0.1-bp152.4.6.1 openSUSE Leap 15.0:jhead-3.00-lp150.3.3.1 openSUSE Leap 15.2:jhead-3.06.0.1-lp152.7.6.1 openSUSE Tumbleweed:jhead-3.06.0.1-1.3 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H