ELSA-2022-7585

Опубликовано: 15 нояб. 2022

Источник: oracle-oval

Платформа: Oracle Linux 8

Описание

ELSA-2022-7585: libtiff security update (MODERATE)

[4.0.9-23]

Fix various CVEs
Resolves: CVE-2022-0561 CVE-2022-0562 CVE-2022-22844 CVE-2022-0865 CVE-2022-0891 CVE-2022-0924 CVE-2022-0909 CVE-2022-0908 CVE-2022-1355

Обновленные пакеты

Oracle Linux 8

Oracle Linux aarch64

libtiff

4.0.9-23.el8

libtiff-devel

4.0.9-23.el8

libtiff-tools

4.0.9-23.el8

Oracle Linux x86_64

libtiff

4.0.9-23.el8

libtiff-devel

4.0.9-23.el8

libtiff-tools

4.0.9-23.el8

Связанные CVE

Ссылки на источники

Связанные уязвимости

RLSA-2022:7585

rocky

почти 3 года назад

Moderate: libtiff security update

ELSA-2022-8194

oracle-oval

больше 2 лет назад

ELSA-2022-8194: libtiff security update (MODERATE)

SUSE-SU-2022:1882-1

suse-cvrf

около 3 лет назад

Security update for tiff

SUSE-SU-2022:1667-1

suse-cvrf

около 3 лет назад

Security update for tiff

CVE-2022-1355

CVSS3: 6.1

ubuntu

почти 3 года назад

A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffcp tool, triggering a stack buffer overflow issue, possibly corrupting the memory, and causing a crash that leads to a denial of service.