Описание
Security update for tiff
This update for tiff fixes the following issues:
- CVE-2022-2519: Fixed a double free in rotateImage() (bsc#1202968).
- CVE-2022-2520: Fixed a assertion failure in rotateImage() (bsc#1202973).
- CVE-2022-2521: Fixed invalid free in TIFFClose() (bsc#1202971).
- CVE-2022-2867: Fixed out of bounds read and write in tiffcrop.c (bsc#1202466).
- CVE-2022-2868: Fixed out of bounds read in reverseSamples16bits() (bsc#1202467).
- CVE-2022-2869: Fixed out of bounds read and write in extractContigSamples8bits() (bsc#1202468).
- CVE-2022-34526: Fixed stack overflow in the _TIFFVGetField function of Tiffsplit (bsc#1202026).
Список пакетов
Image SLES12-SP4-SAP-Azure-LI-BYOS-Production
Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production
Image SLES12-SP5-Azure-SAP-BYOS
Image SLES12-SP5-Azure-SAP-On-Demand
Image SLES12-SP5-EC2-SAP-BYOS
Image SLES12-SP5-EC2-SAP-On-Demand
Image SLES12-SP5-GCE-SAP-BYOS
Image SLES12-SP5-GCE-SAP-On-Demand
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP4-LTSS
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for SAP Applications 12 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE Linux Enterprise Software Development Kit 12 SP5
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 9
Ссылки
- Link for SUSE-SU-2022:3679-1
- E-Mail link for SUSE-SU-2022:3679-1
- SUSE Security Ratings
- SUSE Bug 1201723
- SUSE Bug 1201971
- SUSE Bug 1202026
- SUSE Bug 1202466
- SUSE Bug 1202467
- SUSE Bug 1202468
- SUSE Bug 1202968
- SUSE Bug 1202971
- SUSE Bug 1202973
- SUSE CVE CVE-2022-0561 page
- SUSE CVE CVE-2022-2519 page
- SUSE CVE CVE-2022-2520 page
- SUSE CVE CVE-2022-2521 page
- SUSE CVE CVE-2022-2867 page
- SUSE CVE CVE-2022-2868 page
- SUSE CVE CVE-2022-2869 page
- SUSE CVE CVE-2022-34266 page
Описание
Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_dirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, the fix is available with commit eecb0712.
Затронутые продукты
Ссылки
- CVE-2022-0561
- SUSE Bug 1195964
Описание
There is a double free or corruption in rotateImage() at tiffcrop.c:8839 found in libtiff 4.4.0rc1
Затронутые продукты
Ссылки
- CVE-2022-2519
- SUSE Bug 1202968
- SUSE Bug 1205505
Описание
A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage() at tiffcrop.c:8621 that can cause program crash when reading a crafted input.
Затронутые продукты
Ссылки
- CVE-2022-2520
- SUSE Bug 1202973
Описание
It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose() at tif_close.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while processing crafted input.
Затронутые продукты
Ссылки
- CVE-2022-2521
- SUSE Bug 1202971
- SUSE Bug 1205505
Описание
libtiff's tiffcrop utility has a uint32_t underflow that can lead to out of bounds read and write. An attacker who supplies a crafted file to tiffcrop (likely via tricking a user to run tiffcrop on it with certain parameters) could cause a crash or in some cases, further exploitation.
Затронутые продукты
Ссылки
- CVE-2022-2867
- SUSE Bug 1202466
Описание
libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds read and ultimately cause a crash if an attacker is able to supply a crafted file to tiffcrop.
Затронутые продукты
Ссылки
- CVE-2022-2868
- SUSE Bug 1202467
Описание
libtiff's tiffcrop tool has a uint32_t underflow which leads to out of bounds read and write in the extractContigSamples8bits routine. An attacker who supplies a crafted file to tiffcrop could trigger this flaw, most likely by tricking a user into opening the crafted file with tiffcrop. Triggering this flaw could cause a crash or potentially further exploitation.
Затронутые продукты
Ссылки
- CVE-2022-2869
- SUSE Bug 1202468
Описание
The libtiff-4.0.3-35.amzn2.0.1 package for LibTIFF on Amazon Linux 2 allows attackers to cause a denial of service (application crash), a different vulnerability than CVE-2022-0562. When processing a malicious TIFF file, an invalid range may be passed as an argument to the memset() function within TIFFFetchStripThing() in tif_dirread.c. This will cause TIFFFetchStripThing() to segfault after use of an uninitialized resource.
Затронутые продукты
Ссылки
- CVE-2022-34266
- SUSE Bug 1201723
- SUSE Bug 1208311
Описание
A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit v4.4.0. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted TIFF file parsed by the "tiffsplit" or "tiffcrop" utilities.
Затронутые продукты
Ссылки
- CVE-2022-34526
- SUSE Bug 1202026
- SUSE Bug 1205073
- SUSE Bug 1205505
- SUSE Bug 1208338