Описание
Security update for tiff
This update for tiff fixes the following issues:
- CVE-2017-17095: Fixed DoS in tools/pal2rgb.c in pal2rgb (bsc#1071031).
- CVE-2019-17546: Fixed integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image (bsc#1154365).
- CVE-2020-19131: Fixed buffer overflow in tiffcrop that may cause DoS via the invertImage() function (bsc#1190312).
- CVE-2020-35521: Fixed memory allocation failure in tif_read.c (bsc#1182808).
- CVE-2020-35522: Fixed memory allocation failure in tif_pixarlog.c (bsc#1182809).
- CVE-2020-35523: Fixed integer overflow in tif_getimage.c (bsc#1182811).
- CVE-2020-35524: Fixed heap-based buffer overflow in TIFF2PDF tool (bsc#1182812).
- CVE-2022-22844: Fixed out-of-bounds read in _TIFFmemcpy in tif_unix.c (bsc#1194539).
Список пакетов
HPE Helion OpenStack 8
Image SLES12-SP4-SAP-Azure-BYOS
Image SLES12-SP4-SAP-Azure-LI-BYOS-Production
Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production
Image SLES12-SP4-SAP-EC2-HVM
Image SLES12-SP5-Azure-SAP-BYOS
Image SLES12-SP5-Azure-SAP-On-Demand
Image SLES12-SP5-EC2-SAP-BYOS
Image SLES12-SP5-EC2-SAP-On-Demand
Image SLES12-SP5-GCE-SAP-BYOS
Image SLES12-SP5-GCE-SAP-On-Demand
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP4-LTSS
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for SAP Applications 12 SP3
SUSE Linux Enterprise Server for SAP Applications 12 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE Linux Enterprise Software Development Kit 12 SP5
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Ссылки
- Link for SUSE-SU-2022:0496-1
- E-Mail link for SUSE-SU-2022:0496-1
- SUSE Security Ratings
- SUSE Bug 1071031
- SUSE Bug 1154365
- SUSE Bug 1182808
- SUSE Bug 1182809
- SUSE Bug 1182811
- SUSE Bug 1182812
- SUSE Bug 1190312
- SUSE Bug 1194539
- SUSE CVE CVE-2017-17095 page
- SUSE CVE CVE-2019-17546 page
- SUSE CVE CVE-2020-19131 page
- SUSE CVE CVE-2020-35521 page
- SUSE CVE CVE-2020-35522 page
- SUSE CVE CVE-2020-35523 page
- SUSE CVE CVE-2020-35524 page
- SUSE CVE CVE-2022-22844 page
Описание
tools/pal2rgb.c in pal2rgb in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (TIFFSetupStrips heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file.
Затронутые продукты
Ссылки
- CVE-2017-17095
- SUSE Bug 1071031
Описание
tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image, related to a "Negative-size-param" condition.
Затронутые продукты
Ссылки
- CVE-2019-17546
- SUSE Bug 1154365
Описание
Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the "invertImage()" function in the component "tiffcrop".
Затронутые продукты
Ссылки
- CVE-2020-19131
- SUSE Bug 1190312
Описание
A flaw was found in libtiff. Due to a memory allocation failure in tif_read.c, a crafted TIFF file can lead to an abort, resulting in denial of service.
Затронутые продукты
Ссылки
- CVE-2020-35521
- SUSE Bug 1182808
- SUSE Bug 1200195
Описание
In LibTIFF, there is a memory malloc failure in tif_pixarlog.c. A crafted TIFF document can lead to an abort, resulting in a remote denial of service attack.
Затронутые продукты
Ссылки
- CVE-2020-35522
- SUSE Bug 1182809
- SUSE Bug 1200195
Описание
An integer overflow flaw was found in libtiff that exists in the tif_getimage.c file. This flaw allows an attacker to inject and execute arbitrary code when a user opens a crafted TIFF file. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Затронутые продукты
Ссылки
- CVE-2020-35523
- SUSE Bug 1182811
- SUSE Bug 1200195
Описание
A heap-based buffer overflow flaw was found in libtiff in the handling of TIFF images in libtiff's TIFF2PDF tool. A specially crafted TIFF file can lead to arbitrary code execution. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Затронутые продукты
Ссылки
- CVE-2020-35524
- SUSE Bug 1182812
- SUSE Bug 1200195
Описание
LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field.
Затронутые продукты
Ссылки
- CVE-2022-22844
- SUSE Bug 1194539