CVE-2024-7006

Published: 12 Aug 2024
Source: debian
EPSS: Low

Description

A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`. This issue may allow an attacker to trigger memory allocation failures through certain means, such as restricting the heap space size or injecting faults, causing a segmentation fault. This can cause an application crash, eventually leading to a denial of service.

Packages

| Package | Status | Fixed version | Release | Type |
|---------|--------|---------------|---------|------|
| tiff | fixed | 4.5.1+git230720-5 | | package |
| tiff | fixed | 4.5.0-6+deb12u2 | bookworm | package |

Notes

  • https://gitlab.com/libtiff/libtiff/-/merge_requests/559

  • https://gitlab.com/libtiff/libtiff/-/issues/624

  • Fixed by: https://gitlab.com/libtiff/libtiff/-/commit/818fb8ce881cf839fbc710f6690aadb992aa0f9e

EPSS

Percentile: 32%
0.00121
Low

Related vulnerabilities

CVSS3: 7.5
ubuntu
about 1 year ago

A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`. This issue may allow an attacker to trigger memory allocation failures through certain means, such as restricting the heap space size or injecting faults, causing a segmentation fault. This can cause an application crash, eventually leading to a denial of service.

CVSS3: 7.5
redhat
more than 1 year ago

A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`. This issue may allow an attacker to trigger memory allocation failures through certain means, such as restricting the heap space size or injecting faults, causing a segmentation fault. This can cause an application crash, eventually leading to a denial of service.

CVSS3: 7.5
nvd
about 1 year ago

A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`. This issue may allow an attacker to trigger memory allocation failures through certain means, such as restricting the heap space size or injecting faults, causing a segmentation fault. This can cause an application crash, eventually leading to a denial of service.

CVSS3: 7.5
msrc
about 1 year ago

No description available

suse-cvrf
about 1 year ago

Security update for tiff
