Описание
A vulnerability was found in the libtiff library. This flaw causes a heap buffer overflow issue via the TIFFTAG_INKNAMES and TIFFTAG_NUMBEROFINKS values.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| tiff | fixed | 4.4.0-5 | package | |
| tiff | fixed | 4.2.0-1+deb11u3 | bullseye | package |
| tiff | fixed | 4.1.0+git191117-2~deb10u5 | buster | package |
Примечания
https://gitlab.com/libtiff/libtiff/-/issues/463
https://gitlab.com/libtiff/libtiff/-/commit/f00484b9519df933723deb38fff943dc291a793d (v4.5.0rc1)
Same fix as for CVE-2022-3599, CVE-2022-4645 and CVE-2023-30086.
The fix causes CVE-2023-2908.
Связанные уязвимости
A vulnerability was found in the libtiff library. This flaw causes a heap buffer overflow issue via the TIFFTAG_INKNAMES and TIFFTAG_NUMBEROFINKS values.
A vulnerability was found in the libtiff library. This flaw causes a heap buffer overflow issue via the TIFFTAG_INKNAMES and TIFFTAG_NUMBEROFINKS values.
A vulnerability was found in the libtiff library. This flaw causes a heap buffer overflow issue via the TIFFTAG_INKNAMES and TIFFTAG_NUMBEROFINKS values.
A vulnerability was found in the libtiff library. This flaw causes a heap buffer overflow issue via the TIFFTAG_INKNAMES and TIFFTAG_NUMBEROFINKS values.
Уязвимость библиотеки LibTIFF, связанная с выходом операции за границы буфера в памяти при обработке параметров TIFFTAG_INKNAMES и TIFFTAG_NUMBEROFINKS, позволяющая нарушителю вызвать отказ в обслуживании