Ubuntu Security Notice USN-6997-1

Ubuntu Security Notice 6997-1 - It was discovered that LibTIFF incorrectly handled memory. An attacker could possibly use this issue to cause the application to crash, resulting in a denial of service.

Packet Storm

==========================================================================
Ubuntu Security Notice USN-6997-1
September 09, 2024

tiff vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 24.04 LTS
  • Ubuntu 22.04 LTS
  • Ubuntu 20.04 LTS
  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS

Summary:

LibTIFF could be made to crash if it received specially crafted input.

Software Description:

  • tiff: Tag Image File Format (TIFF) library

Details:

It was discovered that LibTIFF incorrectly handled memory. An attacker
could possibly use this issue to cause the application to crash, resulting
in a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.04 LTS
libtiff6 4.5.1+git230720-4ubuntu2.2

Ubuntu 22.04 LTS
libtiff5 4.3.0-6ubuntu0.10

Ubuntu 20.04 LTS
libtiff5 4.1.0+git191117-2ubuntu0.20.04.14

Ubuntu 18.04 LTS
libtiff5 4.0.9-5ubuntu0.10+esm7
Available with Ubuntu Pro

Ubuntu 16.04 LTS
libtiff5 4.0.6-1ubuntu0.8+esm17
Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-6997-1
CVE-2024-7006

Package Information:
https://launchpad.net/ubuntu/+source/tiff/4.5.1+git230720-4ubuntu2.2
https://launchpad.net/ubuntu/+source/tiff/4.3.0-6ubuntu0.10
https://launchpad.net/ubuntu/+source/tiff/4.1.0+git191117-2ubuntu0.20.04.14

Related news

Ubuntu Security Notice USN-6997-2

Ubuntu Security Notice 6997-2 - USN-6997-1 fixed a vulnerability in LibTIFF. This update provides the corresponding updates for Ubuntu 14.04 LTS. It was discovered that LibTIFF incorrectly handled memory. An attacker could possibly use this issue to cause the application to crash, resulting in a denial of service.

Red Hat Security Advisory 2024-6360-03

Red Hat Security Advisory 2024-6360-03 - An update for libtiff is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a null pointer vulnerability.
