Описание
Security update for tiff
This update for tiff fixes the following issues:
- CVE-2017-17095: Fixed DoS in tools/pal2rgb.c in pal2rgb (bsc#1071031).
- CVE-2019-17546: Fixed integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image (bsc#1154365).
- CVE-2020-19131: Fixed buffer overflow in tiffcrop that may cause DoS via the invertImage() function (bsc#1190312).
- CVE-2020-35521: Fixed memory allocation failure in tif_read.c (bsc#1182808).
- CVE-2020-35522: Fixed memory allocation failure in tif_pixarlog.c (bsc#1182809).
- CVE-2020-35523: Fixed integer overflow in tif_getimage.c (bsc#1182811).
- CVE-2020-35524: Fixed heap-based buffer overflow in TIFF2PDF tool (bsc#1182812).
- CVE-2022-22844: Fixed out-of-bounds read in _TIFFmemcpy in tif_unix.c (bsc#1194539).
Список пакетов
openSUSE Leap 15.3
Ссылки
- E-Mail link for openSUSE-SU-2022:0480-1
- SUSE Security Ratings
- SUSE Bug 1071031
- SUSE Bug 1154365
- SUSE Bug 1182808
- SUSE Bug 1182809
- SUSE Bug 1182811
- SUSE Bug 1182812
- SUSE Bug 1190312
- SUSE Bug 1194539
- SUSE CVE CVE-2017-17095 page
- SUSE CVE CVE-2019-17546 page
- SUSE CVE CVE-2020-19131 page
- SUSE CVE CVE-2020-35521 page
- SUSE CVE CVE-2020-35522 page
- SUSE CVE CVE-2020-35523 page
- SUSE CVE CVE-2020-35524 page
- SUSE CVE CVE-2022-22844 page
Описание
tools/pal2rgb.c in pal2rgb in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (TIFFSetupStrips heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file.
Затронутые продукты
Ссылки
- CVE-2017-17095
- SUSE Bug 1071031
Описание
tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image, related to a "Negative-size-param" condition.
Затронутые продукты
Ссылки
- CVE-2019-17546
- SUSE Bug 1154365
Описание
Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the "invertImage()" function in the component "tiffcrop".
Затронутые продукты
Ссылки
- CVE-2020-19131
- SUSE Bug 1190312
Описание
A flaw was found in libtiff. Due to a memory allocation failure in tif_read.c, a crafted TIFF file can lead to an abort, resulting in denial of service.
Затронутые продукты
Ссылки
- CVE-2020-35521
- SUSE Bug 1182808
- SUSE Bug 1200195
Описание
In LibTIFF, there is a memory malloc failure in tif_pixarlog.c. A crafted TIFF document can lead to an abort, resulting in a remote denial of service attack.
Затронутые продукты
Ссылки
- CVE-2020-35522
- SUSE Bug 1182809
- SUSE Bug 1200195
Описание
An integer overflow flaw was found in libtiff that exists in the tif_getimage.c file. This flaw allows an attacker to inject and execute arbitrary code when a user opens a crafted TIFF file. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Затронутые продукты
Ссылки
- CVE-2020-35523
- SUSE Bug 1182811
- SUSE Bug 1200195
Описание
A heap-based buffer overflow flaw was found in libtiff in the handling of TIFF images in libtiff's TIFF2PDF tool. A specially crafted TIFF file can lead to arbitrary code execution. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Затронутые продукты
Ссылки
- CVE-2020-35524
- SUSE Bug 1182812
- SUSE Bug 1200195
Описание
LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field.
Затронутые продукты
Ссылки
- CVE-2022-22844
- SUSE Bug 1194539