RHSA-2023:2883: Red Hat Security Advisory: libtiff security update

An update for libtiff is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-3627: An out-of-bounds write flaw was found in the _TIFFmemcpy function in libtiff/tif_unix.c in the libtiff package. By persuading a victim to open a specially-crafted TIFF image file, a remote attacker could cause a denial of service condition.
  • CVE-2022-3970: An integer overflow flaw was found in LibTIFF. This issue exists in the TIFFReadRGBATileExt function of the libtiff/tif_getimage.c file, and may lead to a buffer overflow.
Red Hat Security Data

Issued: 2023-05-16

Updated: 2023-05-16

RHSA-2023:2883 - Security Advisory

Synopsis

Moderate: libtiff security update

Type/Severity

Security Advisory: Moderate

Topic

An update for libtiff is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files.

Security Fix(es):

  • libtiff: out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c (CVE-2022-3627)
  • libtiff: integer overflow in function TIFFReadRGBATileExt of the file libtiff/tif_getimage.c (CVE-2022-3970)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.8 Release Notes linked from the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running applications linked against libtiff must be restarted for this update to take effect.
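The restart requirement is the part of this solution that is easiest to get wrong: `dnf update` replaces the library on disk, but every process that had the old libtiff mapped keeps running the vulnerable code until it is restarted. The following POSIX shell script is an added example (mine, not Red Hat's tooling and not part of the advisory) that verifies the three things a RHEL 8 administrator wants to confirm after applying RHSA-2023:2883: that the installed libtiff build is at or above 4.0.9-27.el8, that a downloaded RPM matches the SHA-256 published for it (three of the x86_64 digests from this advisory are embedded as the lookup table), and which processes still map a libtiff shared object that has since been deleted from disk. It assumes the RHEL 8 NEVRA layout `libtiff-<version>-<release>.el8[_z].<arch>` with no epoch, and that the kernel marks a replaced mapped file with `(deleted)` in `/proc/<pid>/maps`; both are standard behaviour but neither is stated by the advisory. The sample `/proc` tree used in the test is constructed.

```sh
#!/bin/sh
# Post-update checks for RHSA-2023:2883 (libtiff-4.0.9-27.el8).
# Added example, not part of the advisory or of Red Hat's tooling.
# Assumptions (not stated by the advisory): RHEL 8 libtiff NEVRAs look like
# libtiff-<version>-<release>.el8[_z].<arch> with no epoch, and a shared
# object replaced on disk by an RPM update appears with a "(deleted)" suffix
# in /proc/<pid>/maps of every process that still maps the old copy.

FIXED_VERSION="4.0.9"   # version shipped by this advisory
FIXED_RELEASE=27        # release shipped by this advisory

# Returns 0 when a libtiff NEVRA (as printed by `rpm -q libtiff`) is at or
# above libtiff-4.0.9-27.el8.  Anything outside the RHEL 8 4.0.9 stream
# (another version, another distribution tag, "package ... is not installed")
# returns 1 so it gets reviewed by hand instead of silently passing.
libtiff_is_fixed() {
    nevra=$1
    rest=${nevra#libtiff-}          # 4.0.9-27.el8.x86_64
    ver=${rest%%-*}                 # 4.0.9
    relarch=${rest#*-}              # 27.el8.x86_64
    rel=${relarch%%.*}              # 27
    dist=${relarch#*.}
    dist=${dist%%.*}                # el8 (or el8_8 for a z-stream build)
    case $rel in
        ''|*[!0-9]*) return 1 ;;    # release is not a plain number
    esac
    case $dist in
        el8*) ;;
        *) return 1 ;;
    esac
    [ "$ver" = "$FIXED_VERSION" ] && [ "$rel" -ge "$FIXED_RELEASE" ]
}

# Prints the SHA-256 of a file using whichever digest tool is available.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# SHA-256 values copied from the advisory's x86_64 package list (three of
# them, enough to show the check); returns 1 for any other file name.
expected_sha256() {
    case $1 in
        libtiff-4.0.9-27.el8.x86_64.rpm)
            echo 6ab9bf05c0e4849bc73e274d4d53135e5cc6f6e3aa5e1634a022fc4494ce2e6e ;;
        libtiff-devel-4.0.9-27.el8.x86_64.rpm)
            echo cea585fd0aa283136a145f6ad1e9ec371fc1da9b3be50249266a0c502415cbf3 ;;
        libtiff-tools-4.0.9-27.el8.x86_64.rpm)
            echo 5e4258d31300fe92ea64b6f82341980f70ef19d706050ddc55d36a1635534397 ;;
        *) return 1 ;;
    esac
}

# Returns 0 when a downloaded RPM's digest matches the advisory's value for
# that file name; an unknown file name or a mismatch returns 1.
rpm_matches_advisory() {
    want=$(expected_sha256 "$(basename "$1")") || return 1
    [ "$(sha256_of "$1")" = "$want" ]
}

# Prints the PIDs that still map a libtiff shared object whose file has been
# replaced on disk (shown as "(deleted)" in /proc/<pid>/maps).  $1 is the proc
# root, defaulting to /proc, so the logic can be exercised on a constructed tree.
procs_needing_restart() {
    procroot=${1:-/proc}
    for maps in "$procroot"/[0-9]*/maps; do
        [ -r "$maps" ] || continue
        if grep -q 'libtiff\.so.*(deleted)' "$maps" 2>/dev/null; then
            pid=${maps%/maps}
            echo "${pid##*/}"
        fi
    done
}

# Live report for the host this runs on; prints nothing if rpm is absent.
main() {
    if command -v rpm >/dev/null 2>&1; then
        rpm -q libtiff 2>/dev/null | while read -r nevra; do
            case $nevra in
                libtiff-*)
                    if libtiff_is_fixed "$nevra"; then
                        echo "OK: $nevra"
                    else
                        echo "ACTION: $nevra is below libtiff-4.0.9-27.el8, apply RHSA-2023:2883"
                    fi ;;
                *) echo "NOTE: $nevra" ;;
            esac
        done
    fi
    for pid in $(procs_needing_restart); do
        echo "ACTION: pid $pid still maps the pre-update libtiff and needs a restart"
    done
}

main "$@"
```

Run it as root after the update so that every process's `/proc/<pid>/maps` is readable; as an unprivileged user the restart check only sees your own processes. The version check deliberately refuses to pass anything it does not recognise as a RHEL 8 libtiff 4.0.9 build, since a non-el8 package or a missing package is a finding in its own right, not a pass.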

Affected Products

  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for ARM 64 8 aarch64
  • Red Hat CodeReady Linux Builder for x86_64 8 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
  • Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
  • Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x

Fixes

  • BZ - 2142742 - CVE-2022-3627 libtiff: out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c
  • BZ - 2148918 - CVE-2022-3970 libtiff: integer overflow in function TIFFReadRGBATileExt of the file

References

  • https://access.redhat.com/security/updates/classification/#moderate
  • https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.8_release_notes/index

Red Hat Enterprise Linux for x86_64 8

SRPM

libtiff-4.0.9-27.el8.src.rpm

SHA-256: d43d0c112d464e8c324275bf3afb2c982e7fafe39d5f15a084bccdb4dcfc16c9

x86_64

libtiff-4.0.9-27.el8.i686.rpm

SHA-256: a75e7842ee7398181f176b1bc79c54f3119339a01a412a631aa94617a8e658bf

libtiff-4.0.9-27.el8.x86_64.rpm

SHA-256: 6ab9bf05c0e4849bc73e274d4d53135e5cc6f6e3aa5e1634a022fc4494ce2e6e

libtiff-debuginfo-4.0.9-27.el8.i686.rpm

SHA-256: 2fc3a29ee3b9302693c9ea099d32ff416490df6d9d56b4836dd57557b05fa715

libtiff-debuginfo-4.0.9-27.el8.x86_64.rpm

SHA-256: 09808906fd06c1e847b8061579602ddbb6e9b389d93e1b4c612b6120dbf26556

libtiff-debugsource-4.0.9-27.el8.i686.rpm

SHA-256: 18a4116d20bcbd10f33dc7e1d077a55923270d1b04475d22f1d0857f95bd4884

libtiff-debugsource-4.0.9-27.el8.x86_64.rpm

SHA-256: 729d68e88b602d89aae03c793cc8c09faf21130b1def60bdac8b6b073de6b735

libtiff-devel-4.0.9-27.el8.i686.rpm

SHA-256: f8337a648e67ce170f6561366d4f93a6240ba6987caab4c8b10ab362e6f3c8f8

libtiff-devel-4.0.9-27.el8.x86_64.rpm

SHA-256: cea585fd0aa283136a145f6ad1e9ec371fc1da9b3be50249266a0c502415cbf3

libtiff-tools-debuginfo-4.0.9-27.el8.i686.rpm

SHA-256: f9b4ade617efb6f7ccdc84a618f80e618c60a411eab1c17214be61a4da54ec8f

libtiff-tools-debuginfo-4.0.9-27.el8.x86_64.rpm

SHA-256: 141a3ffab51ed4ef18697906e8a88db6b64306c9781ec435d3171618084634d1

Red Hat Enterprise Linux for IBM z Systems 8

SRPM

libtiff-4.0.9-27.el8.src.rpm

SHA-256: d43d0c112d464e8c324275bf3afb2c982e7fafe39d5f15a084bccdb4dcfc16c9

s390x

libtiff-4.0.9-27.el8.s390x.rpm

SHA-256: 959b410ac946044f4ab8ce8bf377810e75c7a23359a8139a8c9cb72e02020ade

libtiff-debuginfo-4.0.9-27.el8.s390x.rpm

SHA-256: 59ddce702ae33051a35b52404d702321510f027dfe06b35bac350f3e1b67e373

libtiff-debugsource-4.0.9-27.el8.s390x.rpm

SHA-256: 6cbcbca57158628354550a473c5176bf4d86ccd77847e551fa856f11f1cb3b66

libtiff-devel-4.0.9-27.el8.s390x.rpm

SHA-256: dcdaccd3fc0ab44bd3bada80659f83b7295d86a2487db5c2610e4a2b0c217c85

libtiff-tools-debuginfo-4.0.9-27.el8.s390x.rpm

SHA-256: a992fedea2a7adaa2df8ff706837c0a9ca66f9e33b7fa3793a61836113378f35

Red Hat Enterprise Linux for Power, little endian 8

SRPM

libtiff-4.0.9-27.el8.src.rpm

SHA-256: d43d0c112d464e8c324275bf3afb2c982e7fafe39d5f15a084bccdb4dcfc16c9

ppc64le

libtiff-4.0.9-27.el8.ppc64le.rpm

SHA-256: e46e7dd257ef90a8a9bad157ef92214e58bfb6d136a094ea0dee42ca69b60241

libtiff-debuginfo-4.0.9-27.el8.ppc64le.rpm

SHA-256: afab20b99cd61f92792f24824fa11ab1639333d1cadaa0df3d905b7092ecbf75

libtiff-debugsource-4.0.9-27.el8.ppc64le.rpm

SHA-256: 709b53f90cfd64bf0376d4670fda0a3d1fead84b08ce6efa70bc93ee2c82afb4

libtiff-devel-4.0.9-27.el8.ppc64le.rpm

SHA-256: fac192e34eccd1ad5c028da307db3fb652b3a4ee6cffb51c7939680e3e10c68b

libtiff-tools-debuginfo-4.0.9-27.el8.ppc64le.rpm

SHA-256: 055c285bb66dd3b72486b5c437b45cb2170d127b09bc8fa11c55b40b0eaa8f0b

Red Hat Enterprise Linux for ARM 64 8

SRPM

libtiff-4.0.9-27.el8.src.rpm

SHA-256: d43d0c112d464e8c324275bf3afb2c982e7fafe39d5f15a084bccdb4dcfc16c9

aarch64

libtiff-4.0.9-27.el8.aarch64.rpm

SHA-256: 5b20915f34e0437c234c5b0e082a0bee1bd851a86c66cb9b3984c322dcbaf12a

libtiff-debuginfo-4.0.9-27.el8.aarch64.rpm

SHA-256: aa9546eb85eeced40bf3ae4fcfe6529b866ce9c8ca86f06c950098632640541f

libtiff-debugsource-4.0.9-27.el8.aarch64.rpm

SHA-256: 3f13c500f0385ff2875b8ec129e6e62603a95327394e33036fba1934a3999bac

libtiff-devel-4.0.9-27.el8.aarch64.rpm

SHA-256: 1be7abd33b9e120259d5508ab3a6e6b5859bc1ad28c2350fd57fb989997f0f8e

libtiff-tools-debuginfo-4.0.9-27.el8.aarch64.rpm

SHA-256: 78d29608a15cc5f99ea7fe466b3eb0146da22c1528ce3a4a70e215d320fef287

Red Hat CodeReady Linux Builder for x86_64 8

SRPM

x86_64

libtiff-debuginfo-4.0.9-27.el8.x86_64.rpm

SHA-256: 09808906fd06c1e847b8061579602ddbb6e9b389d93e1b4c612b6120dbf26556

libtiff-debugsource-4.0.9-27.el8.x86_64.rpm

SHA-256: 729d68e88b602d89aae03c793cc8c09faf21130b1def60bdac8b6b073de6b735

libtiff-tools-4.0.9-27.el8.x86_64.rpm

SHA-256: 5e4258d31300fe92ea64b6f82341980f70ef19d706050ddc55d36a1635534397

libtiff-tools-debuginfo-4.0.9-27.el8.x86_64.rpm

SHA-256: 141a3ffab51ed4ef18697906e8a88db6b64306c9781ec435d3171618084634d1

Red Hat CodeReady Linux Builder for Power, little endian 8

SRPM

ppc64le

libtiff-debuginfo-4.0.9-27.el8.ppc64le.rpm

SHA-256: afab20b99cd61f92792f24824fa11ab1639333d1cadaa0df3d905b7092ecbf75

libtiff-debugsource-4.0.9-27.el8.ppc64le.rpm

SHA-256: 709b53f90cfd64bf0376d4670fda0a3d1fead84b08ce6efa70bc93ee2c82afb4

libtiff-tools-4.0.9-27.el8.ppc64le.rpm

SHA-256: d3e77729a6df10cb08c6ee18bb57d479d83f0d6f7bbe84f8da4c9c6617da2e30

libtiff-tools-debuginfo-4.0.9-27.el8.ppc64le.rpm

SHA-256: 055c285bb66dd3b72486b5c437b45cb2170d127b09bc8fa11c55b40b0eaa8f0b

Red Hat CodeReady Linux Builder for ARM 64 8

SRPM

aarch64

libtiff-debuginfo-4.0.9-27.el8.aarch64.rpm

SHA-256: aa9546eb85eeced40bf3ae4fcfe6529b866ce9c8ca86f06c950098632640541f

libtiff-debugsource-4.0.9-27.el8.aarch64.rpm

SHA-256: 3f13c500f0385ff2875b8ec129e6e62603a95327394e33036fba1934a3999bac

libtiff-tools-4.0.9-27.el8.aarch64.rpm

SHA-256: 399b06c00a0f12b6d29c829667b65d60a50232ad94ce840a7073dbd787fec968

libtiff-tools-debuginfo-4.0.9-27.el8.aarch64.rpm

SHA-256: 78d29608a15cc5f99ea7fe466b3eb0146da22c1528ce3a4a70e215d320fef287

Red Hat CodeReady Linux Builder for IBM z Systems 8

SRPM

s390x

libtiff-debuginfo-4.0.9-27.el8.s390x.rpm

SHA-256: 59ddce702ae33051a35b52404d702321510f027dfe06b35bac350f3e1b67e373

libtiff-debugsource-4.0.9-27.el8.s390x.rpm

SHA-256: 6cbcbca57158628354550a473c5176bf4d86ccd77847e551fa856f11f1cb3b66

libtiff-tools-4.0.9-27.el8.s390x.rpm

SHA-256: 0643f503b427818134f5d30c3dc4ec9bb49970bf4a54e86a75a4f6892346de05

libtiff-tools-debuginfo-4.0.9-27.el8.s390x.rpm

SHA-256: a992fedea2a7adaa2df8ff706837c0a9ca66f9e33b7fa3793a61836113378f35

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Related news

RHSA-2023:3918: Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.1.5 security and bug fix update

OpenShift API for Data Protection (OADP) 1.1.5 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2023-24534: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in H...

Red Hat Security Advisory 2023-3813-01

Red Hat Security Advisory 2023-3813-01 - An update for mtr-operator-bundle-container, mtr-operator-container, mtr-web-container, and mtr-web-executor-container is now available for Migration Toolkit for Runtimes 1 on RHEL 8.

RHSA-2023:3813: Red Hat Security Advisory: Migration Toolkit for Runtimes security update

An update for mtr-operator-bundle-container, mtr-operator-container, mtr-web-container, and mtr-web-executor-container is now available for Migration Toolkit for Runtimes 1 on RHEL 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4492: A flaw was found in undertow. The undertow client is not checking the server identity the server certificate presents in HTTPS connections. This is a compulsory step (that should at least be performed by default) in HTTPS and in http/2...

RHSA-2023:3664: Red Hat Security Advisory: OpenShift Jenkins image and Jenkins agent base image security update

Release of Bug Advisories for the OpenShift Jenkins image and Jenkins agent base image. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: A flaw was found in golang. The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding. This issue could allow request smuggling, but only if combined with an intermediate server that also improperly accepts the header as invalid. * CVE-2022-2880: A flaw was found in the golang package, where reques...

Red Hat Security Advisory 2023-3624-01

Red Hat Security Advisory 2023-3624-01 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Issues addressed include a denial of service vulnerability.

RHSA-2023:3624: Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.7.10 security and bug fix update

The Migration Toolkit for Containers (MTC) 1.7.10 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24534: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in HTTP and MIME header parsing. By sending a specially crafted request, a remote attacker can cause a denial of service. * CVE-2023-24536: A flaw was found in Golang Go, where it is vulnerable to a denial of service cause...

Red Hat Security Advisory 2023-3495-01

Red Hat Security Advisory 2023-3495-01 - Logging Subsystem 5.7.2 - Red Hat OpenShift. Issues addressed include cross site scripting and denial of service vulnerabilities.

RHSA-2023:3495: Red Hat Security Advisory: Logging Subsystem 5.7.2 - Red Hat OpenShift security update

Logging Subsystem 5.7.2 - Red Hat OpenShift. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2023-27539: A denial of service vulnerability was found in rubygem-rack in how it parses headers. A carefully crafted input can cause header parsing to take an unexpe...

Red Hat Security Advisory 2023-3356-01

Red Hat Security Advisory 2023-3356-01 - Red Hat Advanced Cluster Management for Kubernetes 2.5.9 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs.

Red Hat Security Advisory 2023-3326-01

Red Hat Security Advisory 2023-3326-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.6 images. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs.

CVE-2023-23694: DSA-2023-071: Dell VxRail Security Update for Multiple Third-Party Component Vulnerabilities – 7.0.450

Dell VxRail versions earlier than 7.0.450, contain(s) an OS command injection vulnerability in VxRail Manager. A local authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker.

Red Hat Security Advisory 2023-2883-01

Red Hat Security Advisory 2023-2883-01 - The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Issues addressed include integer overflow and out of bounds write vulnerabilities.

RHSA-2023:2340: Red Hat Security Advisory: libtiff security update

An update for libtiff is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3570: A heap-based buffer overflow flaw was found in Libtiff's tiffcrop utility. This issue occurs during the conversion of a TIFF image file, allowing an attacker to pass a crafted TIFF image file to tiffcrop utility, which causes an out-of-bound access resulting in an application crash, eventually leading to a denial of service. * CVE-2022-3597: An out-o...

Ubuntu Security Notice USN-5841-1

Ubuntu Security Notice 5841-1 - It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges. This issue was only fixed in Ubuntu 14.04 ESM. It was discovered that LibTIFF was incorrectly accessing a data structure when processing data with the tiffcrop tool, which could lead to a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code.

Debian Security Advisory 5333-1

Debian Linux Security Advisory 5333-1 - Several buffer overflow, divide by zero or out of bounds read/write vulnerabilities were discovered in tiff, the Tag Image File Format (TIFF) library and tools, which may cause denial of service when processing a crafted TIFF image.

Ubuntu Security Notice USN-5743-2

Ubuntu Security Notice 5743-2 - USN-5743-1 fixed a vulnerability in LibTIFF. This update provides the corresponding updates for Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 22.10. It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges.

Ubuntu Security Notice USN-5743-1

Ubuntu Security Notice 5743-1 - It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges.

CVE-2022-3970

A vulnerability was found in LibTIFF. It has been classified as critical. This affects the function TIFFReadRGBATileExt of the file libtiff/tif_getimage.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 227500897dfb07fb7d27f7aa570050e62617e3be. It is recommended to apply a patch to fix this issue. The identifier VDB-213549 was assigned to this vulnerability.

CVE-2022-3627: Merge branch 'tiffcrop_fix_#411_#413' into 'master' (236b7191) · Commits · libtiff / libtiff · GitLab

LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6860, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191.