Описание
ELSA-2025-20801: libtiff security update (MODERATE)
[4.4.0-15]
- backport documentation change for CVE-2023-52355 (RHEL-17328)
[4.4.0-14]
- fix CVE-2023-52356: libtiff could crash in TIFFReadRGBATileExt when parsing crafted tiff file (RHEL-17337)
Обновленные пакеты
Oracle Linux 9
Oracle Linux aarch64
libtiff
4.4.0-15.el9
libtiff-devel
4.4.0-15.el9
libtiff-tools
4.4.0-15.el9
Oracle Linux x86_64
libtiff
4.4.0-15.el9
libtiff-devel
4.4.0-15.el9
libtiff-tools
4.4.0-15.el9
Связанные CVE
Связанные уязвимости
An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB.
An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB.
An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB.
An out-of-memory flaw was found in libtiff that could be triggered by ...
A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service.