Описание
A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | uses system tiff |
| devel | not-affected | uses system tiff |
| esm-apps/bionic | not-affected | uses system tiff |
| esm-apps/focal | not-affected | uses system tiff |
| esm-apps/jammy | not-affected | uses system tiff |
| esm-apps/noble | not-affected | uses system tiff |
| esm-apps/xenial | needs-triage | |
| esm-infra-legacy/trusty | needs-triage | |
| focal | not-affected | uses system tiff |
| jammy | not-affected | uses system tiff |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | needs-triage | |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | needs-triage | |
| esm-apps/jammy | needs-triage | |
| esm-apps/noble | needs-triage | |
| esm-infra-legacy/trusty | DNE | |
| focal | ignored | end of standard support, was needs-triage |
| jammy | needs-triage | |
| mantic | ignored | end of life, was needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | needs-triage | |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | needs-triage | |
| esm-apps/jammy | needs-triage | |
| esm-apps/noble | needs-triage | |
| esm-apps/xenial | not-affected | code not present |
| esm-infra-legacy/trusty | DNE | |
| focal | ignored | end of standard support, was needs-triage |
| jammy | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | released | 4.5.1+git230720-4ubuntu1 |
| esm-infra-legacy/trusty | released | 4.0.3-7ubuntu0.11+esm12 |
| esm-infra/bionic | released | 4.0.9-5ubuntu0.10+esm5 |
| esm-infra/focal | released | 4.1.0+git191117-2ubuntu0.20.04.12 |
| esm-infra/xenial | released | 4.0.6-1ubuntu0.8+esm15 |
| focal | released | 4.1.0+git191117-2ubuntu0.20.04.12 |
| jammy | released | 4.3.0-6ubuntu0.8 |
| mantic | released | 4.5.1+git230720-1ubuntu1.1 |
| noble | released | 4.5.1+git230720-4ubuntu1 |
Показывать по
EPSS
7.5 High
CVSS3
Связанные уязвимости
A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service.
A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service.
Libtiff: segment fault in libtiff in tiffreadrgbatileext() leading to denial of service
A segment fault (SEGV) flaw was found in libtiff that could be trigger ...
EPSS
7.5 High
CVSS3