CVE-2021-29623: 
NixOS vulnerability analysis and mitigation

CVE-2021-29623 is a vulnerability discovered in Exiv2, a command-line utility and C++ library for reading, writing, deleting, and modifying image file metadata. The vulnerability was disclosed and patched in May 2021, affecting versions prior to v0.27.4. The issue specifically affects the isWebPType() function in Exiv2, where a read of uninitialized memory could occur when processing crafted image files (GitHub Advisory, Red Hat CVE).

The vulnerability stems from a read of uninitialized memory in the isWebPType() function. The issue occurs when processing crafted image files that are particularly short, which triggers an error in file type checking functions. The root cause was identified as these functions not properly rewinding the file position after encountering EOF errors, leading to subsequent read operations potentially accessing uninitialized memory (GitHub PR).

An attacker could potentially exploit this vulnerability to leak a few bytes of stack memory by tricking a victim into processing a specially crafted image file with Exiv2. The severity of this vulnerability has been rated as Low with a CVSS v3.1 base score of 3.3 (GitHub Advisory).

The vulnerability was fixed in Exiv2 version v0.27.4. The fix involves using readOrThrow to properly check error conditions of io.read() operations. Users are advised to upgrade to version 0.27.4 or later to address this security issue (Ubuntu Security, Red Hat Security).

Multiple Linux distributions responded to this vulnerability by releasing security updates, including Ubuntu, Red Hat, and Fedora. Ubuntu included this fix in their security notice USN-4964-1, while Red Hat addressed it in RHSA-2021:4173 (Ubuntu Security, Fedora Update).