Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2022-2521HistoryAug 31, 2022 - 4:15 p.m.
CVE-2022-2521
2022-08-3116:15:11
Debian Security Bug Tracker
security-tracker.debian.org
26
libtiff 4.4.0rc1
invalid pointer free
denial of service
crafted input
program crash
tiffclose
tif_close.c
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
47.0%
It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose() at tif_close.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while processing crafted input.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | tiff | <Â 4.4.0-6 | tiff_4.4.0-6_all.deb |
| Debian | 11 | all | tiff | <Â 4.2.0-1+deb11u3 | tiff_4.2.0-1+deb11u3_all.deb |
| Debian | 999 | all | tiff | <Â 4.4.0-6 | tiff_4.4.0-6_all.deb |
| Debian | 13 | all | tiff | <Â 4.4.0-6 | tiff_4.4.0-6_all.deb |
Related
amazon
amazon
Low: libtiff
2023-05-25 17:41:00
osv
osv
CVE-2022-2521
2022-08-31 16:15:11
libtiff-devel-32bit-4.4.0-4.1 on GA media
2024-06-15 00:00:00
Moderate: libtiff security update
2023-01-23 14:29:57
cnvd
cnvd
LibTIFF Buffer Overflow Vulnerability (CNVD-2022-72100)
2022-09-02 00:00:00
cvelist
cvelist
CVE-2022-2521
2022-08-31 00:00:00
cve
cve
CVE-2022-2521
2022-08-31 16:15:11
prion
prion
Double free
2022-08-31 16:15:00
alpinelinux
alpinelinux
CVE-2022-2521
2022-08-31 16:15:11
veracode
veracode
Denial Of Service (DoS)
2022-09-01 13:11:24
nessus
nessus
Amazon Linux 2 : libtiff (ALAS-2023-2055)
2023-06-05 00:00:00
CentOS 9 : libtiff-4.4.0-5.el9
2024-02-29 00:00:00
ubuntucve
ubuntucve
CVE-2022-2521
2022-08-31 00:00:00
redhatcve
redhatcve
CVE-2022-2521
2022-08-30 20:15:43
nvd
nvd
CVE-2022-2521
2022-08-31 16:15:11
mageia
mageia
Updated libtiff packages fix security vulnerability
2022-11-08 22:44:28
openvas
openvas
Mageia: Security Advisory (MGASA-2022-0410)
2022-11-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:3679-1)
2022-10-21 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:3690-1)
2022-10-24 00:00:00
redhat
redhat
(RHSA-2023:0302) Moderate: libtiff security update
2023-01-23 14:29:57
(RHSA-2023:0095) Moderate: libtiff security update
2023-01-12 08:25:25
almalinux
almalinux
Moderate: libtiff security update
2023-01-23 00:00:00
Moderate: libtiff security update
2023-01-12 00:00:00
oraclelinux
oraclelinux
libtiff security update
2023-01-24 00:00:00
libtiff security update
2023-01-12 00:00:00
rocky
rocky
libtiff security update
2023-01-23 14:29:57
libtiff security update
2023-01-12 08:25:25
ibm
ibm
suse
suse
Security update for tiff (important)
2022-10-21 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package libtiff version 4.4.0-alt2
2022-12-27 00:00:00
cloudfoundry
cloudfoundry
USN-5714-1: LibTIFF vulnerabilities | Cloud Foundry
2022-12-07 00:00:00
ubuntu
ubuntu
LibTIFF vulnerabilities
2022-11-08 00:00:00
debian
debian
[SECURITY] [DSA 5333-1] tiff security update
2023-01-29 12:55:02
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
47.0%
Related for DEBIANCVE:CVE-2022-2521