CVE-2019-17545

Description

GDAL through 3.0.1 has a poolDestroy double free in OGRExpatRealloc in ogr/ogr_expat.cpp when the 10MB threshold is exceeded.

How to fix CVE-2019-17545

To remediate CVE-2019-17545, upgrade the affected package to a fixed version below.

• Debian/gdal—upgrade to 2.4.2+dfsg-2 or later
• Debian/gdal—upgrade to 1.10.1+dfsg-8+deb8u1 or later
• —upgrade to 2.1.2+dfsg-5+deb9u1 or later
• —upgrade to 2.4.0+dfsg-1+deb10u1 or later
• —upgrade to 148115fcc40f1651a5d15fa34c9a8c528e7147bb or later

Is CVE-2019-17545 being exploited?

Low — EPSS is 2.2%, meaning exploitation activity has not been observed at scale.

Affected packages (5)

• from 0, < 2.4.2+dfsg-2
• from 0, < 1.10.1+dfsg-8+deb8u1
• from 0, < 2.1.2+dfsg-5+deb9u1
• from 0, < 2.4.0+dfsg-1+deb10u1
• from 0, < 148115fcc40f1651a5d15fa34c9a8c528e7147bb | from 0, < 3.0.2

CVSS scores

References (10)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2019-17545
• PATCHgithub.com/OSGeo/gdal/commit/148115fcc40f1651a5d15fa34c9a8c528e7147bb
• WEBlists.opensuse.org/opensuse-security-announce/2019-11/msg00022.html
• WEBbugs.chromium.org/p/oss-fuzz/issues/detail?id=16178