Security
Headlines
HeadlinesLatestCVEs

Headline

Ubuntu Security Notice USN-6644-2

Ubuntu Security Notice 6644-2 - USN-6644-1 fixed vulnerabilities in LibTIFF. This update provides the corresponding updates for Ubuntu 22.04 LTS. It was discovered that LibTIFF incorrectly handled certain files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause the application to crash, resulting in a denial of service. It was discovered that LibTIFF incorrectly handled certain image files with the tiffcp utility. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause tiffcp to crash, resulting in a denial of service. It was discovered that LibTIFF incorrectly handled certain files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause the application to consume resources, resulting in a denial of service.

Packet Storm
#vulnerability#ubuntu#dos
==========================================================================Ubuntu Security Notice USN-6644-2February 27, 2024tiff vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 22.04 LTSSummary:Several security issues were fixed in LibTIFF.Software Description:- tiff: Tag Image File Format (TIFF) libraryDetails:USN-6644-1 fixed vulnerabilities in LibTIFF.This update provides the corresponding updates for Ubuntu 22.04 LTS.Original advisory details:  It was discovered that LibTIFF incorrectly handled certain files. If  a user were tricked into opening a specially crafted file, an attacker  could possibly use this issue to cause the application to crash, resulting  in a denial of service. (CVE-2023-52356)   It was discovered that LibTIFF incorrectly handled certain image files  with the tiffcp utility. If a user were tricked into opening a specially  crafted image file, an attacker could possibly use this issue to cause  tiffcp to crash, resulting in a denial of service. (CVE-2023-6228)   It was discovered that LibTIFF incorrectly handled certain files. If  a user were tricked into opening a specially crafted file, an attacker  could possibly use this issue to cause the application to consume  resources, resulting in a denial of service. (CVE-2023-6277)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 22.04 LTS:   libtiff-tools                   4.3.0-6ubuntu0.8   libtiff5                        4.3.0-6ubuntu0.8In general, a standard system update will make all the necessary changes.References:   https://ubuntu.com/security/notices/USN-6644-2   https://ubuntu.com/security/notices/USN-6644-1   CVE-2023-52356, CVE-2023-6228, CVE-2023-6277Package Information:   https://launchpad.net/ubuntu/+source/tiff/4.3.0-6ubuntu0.8

Related news

Apple Security Advisory 07-29-2024-9

Apple Security Advisory 07-29-2024-9 - visionOS 1.3 addresses bypass, information leakage, integer overflow, out of bounds access, out of bounds read, and use-after-free vulnerabilities.

Apple Security Advisory 07-29-2024-8

Apple Security Advisory 07-29-2024-8 - tvOS 17.6 addresses bypass, information leakage, integer overflow, out of bounds access, out of bounds read, and use-after-free vulnerabilities.

Apple Security Advisory 07-29-2024-7

Apple Security Advisory 07-29-2024-7 - watchOS 10.6 addresses bypass, information leakage, integer overflow, out of bounds access, out of bounds read, and use-after-free vulnerabilities.

Ubuntu Security Notice USN-6644-1

Ubuntu Security Notice 6644-1 - It was discovered that LibTIFF incorrectly handled certain files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause the application to crash, resulting in a denial of service. It was discovered that LibTIFF incorrectly handled certain image files with the tiffcp utility. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause tiffcp to crash, resulting in a denial of service.

Ubuntu Security Notice USN-6644-1

Ubuntu Security Notice 6644-1 - It was discovered that LibTIFF incorrectly handled certain files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause the application to crash, resulting in a denial of service. It was discovered that LibTIFF incorrectly handled certain image files with the tiffcp utility. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause tiffcp to crash, resulting in a denial of service.

Ubuntu Security Notice USN-6644-1

Ubuntu Security Notice 6644-1 - It was discovered that LibTIFF incorrectly handled certain files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause the application to crash, resulting in a denial of service. It was discovered that LibTIFF incorrectly handled certain image files with the tiffcp utility. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause tiffcp to crash, resulting in a denial of service.

CVE-2023-6277: cve-details

An out-of-memory flaw was found in libtiff. Passing a crafted tiff file to TIFFOpen() API may allow a remote attacker to cause a denial of service via a craft input with size smaller than 379 KB.

Packet Storm: Latest News

Acronis Cyber Protect/Backup Remote Code Execution