Описание
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6778, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 4.0.9-5ubuntu0.10 |
| devel | not-affected | 4.5.0-6ubuntu1 |
| esm-infra-legacy/trusty | not-affected | 4.0.3-7ubuntu0.11+esm7 |
| esm-infra/bionic | not-affected | 4.0.9-5ubuntu0.10 |
| esm-infra/focal | not-affected | 4.1.0+git191117-2ubuntu0.20.04.8 |
| esm-infra/xenial | released | 4.0.6-1ubuntu0.8+esm10 |
| focal | released | 4.1.0+git191117-2ubuntu0.20.04.8 |
| jammy | released | 4.3.0-6ubuntu0.4 |
| kinetic | released | 4.4.0-4ubuntu3.3 |
| lunar | not-affected | 4.5.0-5ubuntu1 |
Показывать по
Ссылки на источники
EPSS
6.8 Medium
CVSS3
Связанные уязвимости
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6778, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6778, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in libtiff/tif_un ...
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6778, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.
EPSS
6.8 Medium
CVSS3