Описание
An issue was found in the tiffcp utility distributed by the libtiff package where a crafted TIFF file on processing may cause a heap-based buffer overflow leads to an application crash.
Отчет
Red Hat has determined that this vulnerability has a low severity due to the fact that a potential crash in an application using the vulnerable tiffcp utility will most likely lead to temporary disruptions in availability; there are no indications that this vulnerability will lead to long-term or persistent downtime resulting from a crash.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | libtiff | Out of support scope | ||
| Red Hat Enterprise Linux 7 | compat-libtiff3 | Out of support scope | ||
| Red Hat Enterprise Linux 7 | libtiff | Out of support scope | ||
| Red Hat Enterprise Linux 8 | compat-libtiff3 | Fix deferred | ||
| Red Hat Enterprise Linux 8 | libtiff | Fixed | RHSA-2024:5079 | 07.08.2024 |
| Red Hat Enterprise Linux 9 | libtiff | Fixed | RHSA-2024:2289 | 30.04.2024 |
Показывать по
Дополнительная информация
Статус:
EPSS
3.3 Low
CVSS3
Связанные уязвимости
An issue was found in the tiffcp utility distributed by the libtiff package where a crafted TIFF file on processing may cause a heap-based buffer overflow leads to an application crash.
An issue was found in the tiffcp utility distributed by the libtiff package where a crafted TIFF file on processing may cause a heap-based buffer overflow leads to an application crash.
An issue was found in the tiffcp utility distributed by the libtiff pa ...
An issue was found in the tiffcp utility distributed by the libtiff package where a crafted TIFF file on processing may cause a heap-based buffer overflow leads to an application crash.
EPSS
3.3 Low
CVSS3