Headline
RHSA-2023:0095: Red Hat Security Advisory: libtiff security update
An update for libtiff is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-2056: LibTiff: DoS from Divide By Zero Error
- CVE-2022-2057: LibTiff: DoS from Divide By Zero Error
- CVE-2022-2058: LibTiff: DoS from Divide By Zero Error
- CVE-2022-2519: libtiff: Double free or corruption in rotateImage() function at tiffcrop.c
- CVE-2022-2520: libtiff: Assertion fail in rotateImage() function at tiffcrop.c
- CVE-2022-2521: libtiff: Invalid pointer free operation in TIFFClose() at tif_close.c
- CVE-2022-2867: libtiff: uint32_t underflow leads to out of bounds read and write in tiffcrop.c
- CVE-2022-2868: libtiff: Invalid crop_width and/or crop_length could cause an out-of-bounds read in reverseSamples16bits()
- CVE-2022-2869: libtiff: tiffcrop.c has uint32_t underflow which leads to out of bounds read and write in extractContigSamples8bits()
- CVE-2022-2953: libtiff: tiffcrop: heap-buffer-overflow in extractImageSection in tiffcrop.c
Issued: 2023-01-12
Updated: 2023-01-12
RHSA-2023:0095 - Security Advisory
Synopsis
Moderate: libtiff security update
Type/Severity
Security Advisory: Moderate
Description
The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files.
Security Fix(es):
- LibTiff: DoS from Divide By Zero Error (CVE-2022-2056, CVE-2022-2057, CVE-2022-2058)
- libtiff: Double free or corruption in rotateImage() function at tiffcrop.c (CVE-2022-2519)
- libtiff: uint32_t underflow leads to out of bounds read and write in tiffcrop.c (CVE-2022-2867)
- libtiff: tiffcrop.c has uint32_t underflow which leads to out of bounds read and write in extractContigSamples8bits() (CVE-2022-2869)
- libtiff: tiffcrop: heap-buffer-overflow in extractImageSection in tiffcrop.c (CVE-2022-2953)
- libtiff: Assertion fail in rotateImage() function at tiffcrop.c (CVE-2022-2520)
- libtiff: Invalid pointer free operation in TIFFClose() at tif_close.c (CVE-2022-2521)
- libtiff: Invalid crop_width and/or crop_length could cause an out-of-bounds read in reverseSamples16bits() (CVE-2022-2868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running applications linked against libtiff must be restarted for this update to take effect.
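Confirming that the restart requirement has been met is the part of the solution most often skipped. The following POSIX shell script is an added example and not part of the Red Hat advisory: it parses /proc/<pid>/maps, where the kernel marks a mapping of a file that was replaced on disk (the pre-update libtiff) with a "(deleted)" suffix, and lists the processes that still carry such a mapping. The maps content below is constructed for demonstration; the library name libtiff.so.5.3.0 is an assumed example.

```shell
#!/bin/sh
# Added example, not from the Red Hat advisory. After the libtiff RPMs are
# updated, a process that loaded the old library keeps the replaced file
# mapped, and /proc/<pid>/maps shows that mapping with a "(deleted)" suffix.
# This script locates such processes so they can be restarted.

# Print the unique paths in a maps file that belong to the named library
# and are marked deleted. Usage: stale_lib_mappings <maps-file> <lib-prefix>
stale_lib_mappings() {
    # maps columns: address perms offset dev inode pathname [(deleted)]
    grep -E "/$2[^ ]* \(deleted\)\$" "$1" 2>/dev/null \
        | awk '{ print $6 }' | sort -u
}

# True when the maps file still references a deleted copy of the library.
has_stale_lib() {
    [ -n "$(stale_lib_mappings "$1" "$2")" ]
}

# Scan every readable /proc/<pid>/maps and print "<pid> <comm>" for
# processes that need a restart. Run as root to see other users' processes.
pids_needing_restart() {
    for maps in /proc/[0-9]*/maps; do
        if has_stale_lib "$maps" "$1"; then
            pid=${maps#/proc/}
            pid=${pid%/maps}
            printf '%s %s\n' "$pid" "$(cat "/proc/$pid/comm" 2>/dev/null)"
        fi
    done
}

# Constructed sample of a maps file: two segments of an old libtiff that
# was replaced on disk, plus an untouched libc mapping that must not match.
SAMPLE_MAPS=$(mktemp)
trap 'rm -f "$SAMPLE_MAPS"' EXIT
cat > "$SAMPLE_MAPS" <<'EOF'
7f3c0a000000-7f3c0a070000 r-xp 00000000 fd:00 1234 /usr/lib64/libtiff.so.5.3.0 (deleted)
7f3c0a070000-7f3c0a080000 r--p 00070000 fd:00 1234 /usr/lib64/libtiff.so.5.3.0 (deleted)
7f3c0b000000-7f3c0b200000 r-xp 00000000 fd:00 5678 /usr/lib64/libc.so.6
EOF

echo "Stale libtiff mappings in the constructed sample:"
stale_lib_mappings "$SAMPLE_MAPS" libtiff.so

# Pass --scan to check the live system instead of the sample.
if [ "${1:-}" = "--scan" ]; then
    pids_needing_restart libtiff.so
fi
```

A process that appears in the --scan output loaded the pre-update library and keeps running the vulnerable code until it is restarted, regardless of what rpm -q reports.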
Affected Products
- Red Hat Enterprise Linux for x86_64 8 x86_64
- Red Hat Enterprise Linux for IBM z Systems 8 s390x
- Red Hat Enterprise Linux for Power, little endian 8 ppc64le
- Red Hat Enterprise Linux for ARM 64 8 aarch64
- Red Hat CodeReady Linux Builder for x86_64 8 x86_64
- Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
- Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
- Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x
Fixes
- BZ - 2103222 - LibTiff: DoS from Divide By Zero Error
- BZ - 2118847 - CVE-2022-2867 libtiff: uint32_t underflow leads to out of bounds read and write in tiffcrop.c
- BZ - 2118863 - CVE-2022-2868 libtiff: Invalid crop_width and/or crop_length could cause an out-of-bounds read in reverseSamples16bits()
- BZ - 2118869 - CVE-2022-2869 libtiff: tiffcrop.c has uint32_t underflow which leads to out of bounds read and write in extractContigSamples8bits()
- BZ - 2122789 - CVE-2022-2519 libtiff: Double free or corruption in rotateImage() function at tiffcrop.c
- BZ - 2122792 - CVE-2022-2520 libtiff: Assertion fail in rotateImage() function at tiffcrop.c
- BZ - 2122799 - CVE-2022-2521 libtiff: Invalid pointer free operation in TIFFClose() at tif_close.c
- BZ - 2134432 - CVE-2022-2953 libtiff: tiffcrop: heap-buffer-overflow in extractImageSection in tiffcrop.c
CVEs
- CVE-2022-2056
- CVE-2022-2057
- CVE-2022-2058
- CVE-2022-2519
- CVE-2022-2520
- CVE-2022-2521
- CVE-2022-2867
- CVE-2022-2868
- CVE-2022-2869
- CVE-2022-2953
Red Hat Enterprise Linux for x86_64 8
SRPM
libtiff-4.0.9-26.el8_7.src.rpm
x86_64
libtiff-4.0.9-26.el8_7.i686.rpm
libtiff-4.0.9-26.el8_7.x86_64.rpm
libtiff-debuginfo-4.0.9-26.el8_7.i686.rpm
libtiff-debuginfo-4.0.9-26.el8_7.x86_64.rpm
libtiff-debugsource-4.0.9-26.el8_7.i686.rpm
libtiff-debugsource-4.0.9-26.el8_7.x86_64.rpm
libtiff-devel-4.0.9-26.el8_7.i686.rpm
libtiff-devel-4.0.9-26.el8_7.x86_64.rpm
libtiff-tools-debuginfo-4.0.9-26.el8_7.i686.rpm
libtiff-tools-debuginfo-4.0.9-26.el8_7.x86_64.rpm
Red Hat Enterprise Linux for IBM z Systems 8
SRPM
libtiff-4.0.9-26.el8_7.src.rpm
s390x
libtiff-4.0.9-26.el8_7.s390x.rpm
libtiff-debuginfo-4.0.9-26.el8_7.s390x.rpm
libtiff-debugsource-4.0.9-26.el8_7.s390x.rpm
libtiff-devel-4.0.9-26.el8_7.s390x.rpm
libtiff-tools-debuginfo-4.0.9-26.el8_7.s390x.rpm
Red Hat Enterprise Linux for Power, little endian 8
SRPM
libtiff-4.0.9-26.el8_7.src.rpm
ppc64le
libtiff-4.0.9-26.el8_7.ppc64le.rpm
libtiff-debuginfo-4.0.9-26.el8_7.ppc64le.rpm
libtiff-debugsource-4.0.9-26.el8_7.ppc64le.rpm
libtiff-devel-4.0.9-26.el8_7.ppc64le.rpm
libtiff-tools-debuginfo-4.0.9-26.el8_7.ppc64le.rpm
Red Hat Enterprise Linux for ARM 64 8
SRPM
libtiff-4.0.9-26.el8_7.src.rpm
aarch64
libtiff-4.0.9-26.el8_7.aarch64.rpm
libtiff-debuginfo-4.0.9-26.el8_7.aarch64.rpm
libtiff-debugsource-4.0.9-26.el8_7.aarch64.rpm
libtiff-devel-4.0.9-26.el8_7.aarch64.rpm
libtiff-tools-debuginfo-4.0.9-26.el8_7.aarch64.rpm
Red Hat CodeReady Linux Builder for x86_64 8
x86_64
libtiff-debuginfo-4.0.9-26.el8_7.x86_64.rpm
libtiff-debugsource-4.0.9-26.el8_7.x86_64.rpm
libtiff-tools-4.0.9-26.el8_7.x86_64.rpm
libtiff-tools-debuginfo-4.0.9-26.el8_7.x86_64.rpm
Red Hat CodeReady Linux Builder for Power, little endian 8
ppc64le
libtiff-debuginfo-4.0.9-26.el8_7.ppc64le.rpm
libtiff-debugsource-4.0.9-26.el8_7.ppc64le.rpm
libtiff-tools-4.0.9-26.el8_7.ppc64le.rpm
libtiff-tools-debuginfo-4.0.9-26.el8_7.ppc64le.rpm
Red Hat CodeReady Linux Builder for ARM 64 8
aarch64
libtiff-debuginfo-4.0.9-26.el8_7.aarch64.rpm
libtiff-debugsource-4.0.9-26.el8_7.aarch64.rpm
libtiff-tools-4.0.9-26.el8_7.aarch64.rpm
libtiff-tools-debuginfo-4.0.9-26.el8_7.aarch64.rpm
Red Hat CodeReady Linux Builder for IBM z Systems 8
s390x
libtiff-debuginfo-4.0.9-26.el8_7.s390x.rpm
libtiff-debugsource-4.0.9-26.el8_7.s390x.rpm
libtiff-tools-4.0.9-26.el8_7.s390x.rpm
libtiff-tools-debuginfo-4.0.9-26.el8_7.s390x.rpm
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
Related news
Debian Linux Security Advisory 5333-1 - Several buffer overflow, divide by zero or out of bounds read/write vulnerabilities were discovered in tiff, the Tag Image File Format (TIFF) library and tools, which may cause denial of service when processing a crafted TIFF image.
An update for libtiff is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2056: LibTiff: DoS from Divide By Zero Error * CVE-2022-2057: LibTiff: DoS from Divide By Zero Error * CVE-2022-2058: LibTiff: DoS from Divide By Zero Error * CVE-2022-2519: libtiff: Double free or corruption in rotateImage() function at tiffcrop.c * CVE-2022-2520: libtiff: Assertion fail in rotateImage() function at tiffcrop.c * CVE-2022-2521: libtiff:...
Red Hat Security Advisory 2023-0095-01 - The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Issues addressed include buffer overflow, denial of service, double free, and out of bounds read vulnerabilities.
Ubuntu Security Notice 5619-1 - It was discovered that LibTIFF was not properly performing the calculation of data that would eventually be used as a reference for bound-checking operations. An attacker could possibly use this issue to cause a denial of service or to expose sensitive information. This issue only affected Ubuntu 18.04 LTS. It was discovered that LibTIFF was not properly terminating a function execution when processing incorrect data. An attacker could possibly use this issue to cause a denial of service or to expose sensitive information. This issue only affected Ubuntu 18.04 LTS.
Ubuntu Security Notice 5604-1 - It was discovered that LibTIFF incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. It was discovered that LibTIFF incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service.
There is a double free or corruption in rotateImage() at tiffcrop.c:8839 found in libtiff 4.4.0rc1
It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose() at tif_close.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while processing crafted input.
A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion failure in rotateImage() at tiffcrop.c:8621 that can cause a program crash when reading a crafted input.
LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 48d6ece8.
libtiff's tiffcrop tool has a uint32_t underflow which leads to out of bounds read and write in the extractContigSamples8bits routine. An attacker who supplies a crafted file to tiffcrop could trigger this flaw, most likely by tricking a user into opening the crafted file with tiffcrop. Triggering this flaw could cause a crash or potentially further exploitation.
libtiff's tiffcrop utility has a uint32_t underflow that can lead to out of bounds read and write. An attacker who supplies a crafted file to tiffcrop (likely via tricking a user to run tiffcrop on it with certain parameters) could cause a crash or in some cases, further exploitation.
libtiff's tiffcrop utility has an improper input validation flaw that can lead to an out-of-bounds read and ultimately cause a crash if an attacker is able to supply a crafted file to tiffcrop.
Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.