libexiv2.so is vulnerable to denial of service (DoS) attacks. When an attacker sends a malicious CRW image,the function Exiv2::Internal::CiffDirectory::readDirectory
in crwimage_int.cpp
fails to check the offset and size against the total size, causing a trigger for an application crash via Exiv2::getULong
in types.cpp
.