Описание
An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tif_dirwrite.c in LibTIFF 4.0.10, affecting the cpSeparateBufToContigBuf function in tiffcp.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted tiff file. This is different from CVE-2018-12900.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| groovy | DNE | |
| hirsute | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | uses system libtiff |
| cosmic | not-affected | uses system libtiff |
| devel | not-affected | uses system libtiff |
| disco | not-affected | uses system libtiff |
| eoan | not-affected | uses system libtiff |
| esm-apps/bionic | not-affected | uses system libtiff |
| esm-apps/focal | not-affected | uses system libtiff |
| esm-apps/jammy | not-affected | uses system libtiff |
| esm-apps/noble | not-affected | uses system libtiff |
| esm-apps/xenial | needed |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | |
| cosmic | ignored | end of life |
| devel | not-affected | |
| disco | not-affected | |
| eoan | not-affected | |
| esm-apps/bionic | not-affected | |
| esm-apps/xenial | not-affected | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | not-affected | |
| focal | not-affected |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | uses system libtiff |
| cosmic | ignored | end of life |
| devel | DNE | |
| disco | not-affected | uses system libtiff |
| eoan | not-affected | uses system libtiff |
| esm-apps/bionic | not-affected | uses system libtiff |
| esm-infra-legacy/trusty | not-affected | uses system libtiff |
| esm-infra/focal | DNE | |
| esm-infra/xenial | not-affected | uses system libtiff |
| focal | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| cosmic | ignored | end of life |
| devel | needs-triage | |
| disco | ignored | end of life |
| eoan | ignored | end of life |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | needs-triage | |
| esm-apps/jammy | needs-triage | |
| esm-apps/noble | needs-triage | |
| esm-apps/xenial | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| cosmic | ignored | end of life |
| devel | needs-triage | |
| disco | ignored | end of life |
| eoan | ignored | end of life |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | needs-triage | |
| esm-apps/jammy | needs-triage | |
| esm-apps/noble | needs-triage | |
| esm-infra-legacy/trusty | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| cosmic | ignored | end of life |
| devel | needs-triage | |
| disco | ignored | end of life |
| eoan | ignored | end of life |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | needs-triage | |
| esm-apps/jammy | needs-triage | |
| esm-apps/noble | needs-triage | |
| esm-apps/xenial | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 4.0.9-5ubuntu0.2 |
| cosmic | released | 4.0.9-6ubuntu0.2 |
| devel | not-affected | 4.0.10-4 |
| disco | not-affected | 4.0.10-4 |
| eoan | not-affected | 4.0.10-4 |
| esm-infra-legacy/trusty | released | 4.0.3-7ubuntu0.11 |
| esm-infra/bionic | released | 4.0.9-5ubuntu0.2 |
| esm-infra/focal | not-affected | 4.0.10-4 |
| esm-infra/xenial | released | 4.0.6-1ubuntu0.6 |
| focal | not-affected | 4.0.10-4 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| groovy | DNE | |
| hirsute | DNE |
Показывать по
EPSS
4.3 Medium
CVSS2
6.5 Medium
CVSS3
Связанные уязвимости
An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tif_dirwrite.c in LibTIFF 4.0.10, affecting the cpSeparateBufToContigBuf function in tiffcp.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted tiff file. This is different from CVE-2018-12900.
An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tif_dirwrite.c in LibTIFF 4.0.10, affecting the cpSeparateBufToContigBuf function in tiffcp.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted tiff file. This is different from CVE-2018-12900.
An Invalid Address dereference was discovered in TIFFWriteDirectoryTag ...
An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tif_dirwrite.c in LibTIFF 4.0.10, affecting the cpSeparateBufToContigBuf function in tiffcp.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted tiff file. This is different from CVE-2018-12900.
Уязвимость функции TIFFWriteDirectoryTagTransferfunction программного обеспечения для просмотра, редактирования и конвертирования TIFF-файлов, связанная с выходом операции за допустимые границы буфера данных, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
4.3 Medium
CVSS2
6.5 Medium
CVSS3