Lucene search
RedHatRHSA-2023:2883HistoryMay 16, 2023 - 5:57 a.m.
(RHSA-2023:2883) Moderate: libtiff security update
2023-05-1605:57:15
access.redhat.com
19
libtiff
security fix
out-of-bounds write
integer overflow
red hat enterprise linux 8.8
tiff file format
cvss score
0.006 Low
EPSS
Percentile
78.7%
The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files.
Security Fix(es):
-
libtiff: out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c (CVE-2022-3627)
-
libtiff: integer overflow in function TIFFReadRGBATileExt of the file (CVE-2022-3970)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.8 Release Notes linked from the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 8 | s390x | libtiff | < 4.0.9-27.el8 | libtiff-4.0.9-27.el8.s390x.rpm |
| RedHat | 8 | i686 | libtiff-devel | < 4.0.9-27.el8 | libtiff-devel-4.0.9-27.el8.i686.rpm |
| RedHat | 8 | i686 | libtiff-debugsource | < 4.0.9-27.el8 | libtiff-debugsource-4.0.9-27.el8.i686.rpm |
| RedHat | 8 | aarch64 | libtiff-debuginfo | < 4.0.9-27.el8 | libtiff-debuginfo-4.0.9-27.el8.aarch64.rpm |
| RedHat | 8 | i686 | libtiff-debuginfo | < 4.0.9-27.el8 | libtiff-debuginfo-4.0.9-27.el8.i686.rpm |
| RedHat | 8 | x86_64 | libtiff-debuginfo | < 4.0.9-27.el8 | libtiff-debuginfo-4.0.9-27.el8.x86_64.rpm |
| RedHat | 8 | x86_64 | libtiff-debugsource | < 4.0.9-27.el8 | libtiff-debugsource-4.0.9-27.el8.x86_64.rpm |
| RedHat | 8 | ppc64le | libtiff-tools | < 4.0.9-27.el8 | libtiff-tools-4.0.9-27.el8.ppc64le.rpm |
| RedHat | 8 | s390x | libtiff-tools | < 4.0.9-27.el8 | libtiff-tools-4.0.9-27.el8.s390x.rpm |
| RedHat | 8 | ppc64le | libtiff | < 4.0.9-27.el8 | libtiff-4.0.9-27.el8.ppc64le.rpm |
Related
oraclelinux
oraclelinux
libtiff security update
2023-05-24 00:00:00
libtiff security update
2023-05-15 00:00:00
nessus
nessus
RHEL 8 : libtiff (RHSA-2023:2883)
2023-05-16 00:00:00
AlmaLinux 8 : libtiff (ALSA-2023:2883)
2023-05-20 00:00:00
Oracle Linux 8 : libtiff (ELSA-2023-2883)
2023-05-24 00:00:00
osv
osv
Moderate: libtiff security update
2023-05-16 00:00:00
CVE-2022-3970
2022-11-13 08:15:16
tiff vulnerability
2022-11-24 17:02:39
almalinux
almalinux
Moderate: libtiff security update
2023-05-16 00:00:00
Moderate: libtiff security update
2023-05-09 00:00:00
ibm
ibm
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2022:4248-1)
2022-11-29 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:4259-1)
2022-11-29 00:00:00
Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2023-1412)
2023-03-07 00:00:00
cbl_mariner
cbl_mariner
CVE-2022-3970 affecting package libtiff 4.4.0-5
2022-11-24 00:45:37
CVE-2022-3970 affecting package libtiff for versions less than 4.4.0-6
2022-11-30 04:44:03
CVE-2022-3627 affecting package libtiff 4.4.0-4
2022-11-24 00:45:37
alpinelinux
alpinelinux
CVE-2022-3970
2022-11-13 08:15:16
CVE-2022-3627
2022-10-21 16:15:11
ubuntu
ubuntu
LibTIFF vulnerability
2022-11-24 00:00:00
LibTIFF vulnerability
2022-12-01 00:00:00
LibTIFF vulnerabilities
2023-02-02 00:00:00
redhatcve
redhatcve
CVE-2022-3970
2022-11-28 11:26:13
CVE-2022-3627
2022-11-28 10:26:11
nvd
nvd
CVE-2022-3970
2022-11-13 08:15:16
CVE-2022-3627
2022-10-21 16:15:11
redos
redos
ROS-20221118-01
2022-11-18 00:00:00
veracode
veracode
Integer Overflow
2022-11-14 06:29:11
Denial Of Service (DoS)
2022-10-24 06:05:39
cvelist
cvelist
CVE-2022-3970 LibTIFF tif_getimage.c TIFFReadRGBATileExt integer overflow
2022-11-13 00:00:00
CVE-2022-3627
2022-10-21 00:00:00
cve
cve
CVE-2022-3970
2022-11-13 08:15:16
CVE-2022-3627
2022-10-21 16:15:11
ubuntucve
ubuntucve
CVE-2022-3970
2022-11-13 00:00:00
CVE-2022-3627
2022-10-21 00:00:00
mageia
mageia
Updated libtiff packages fix security vulnerability
2022-12-07 02:32:48
Updated libtiff packages fix security vulnerability
2022-11-13 05:25:20
cloudfoundry
cloudfoundry
USN-5743-2: LibTIFF vulnerability | Cloud Foundry
2022-12-07 00:00:00
USN-5714-1: LibTIFF vulnerabilities | Cloud Foundry
2022-12-07 00:00:00
debiancve
debiancve
CVE-2022-3970
2022-11-13 08:15:16
CVE-2022-3627
2022-10-21 16:15:11
prion
prion
Integer overflow
2022-11-13 08:15:00
Out-of-bounds
2022-10-21 16:15:00
f5
f5
K37923932 : libTIFF vulnerability CVE-2022-3970
2022-12-09 00:00:00
cnvd
cnvd
LibTIFF Buffer Overflow Vulnerability (CNVD-2022-72091)
2022-10-25 00:00:00
amazon
amazon
Medium: libtiff
2023-08-17 11:58:00
Important: libtiff
2022-12-01 20:31:00
Important: libtiff
2022-12-01 17:33:00
photon
photon
Critical Photon OS Security Update - PHSA-2022-0286
2022-11-21 00:00:00
Critical Photon OS Security Update - PHSA-2022-0543
2022-11-22 00:00:00
Important Photon OS Security Update - PHSA-2022-4.0-0286
2022-11-21 00:00:00
redhat
redhat
(RHSA-2023:3813) Moderate: Migration Toolkit for Runtimes security update
2023-06-27 10:52:18
(RHSA-2023:2340) Moderate: libtiff security update
2023-05-09 05:07:52
rosalinux
rosalinux
Advisory ROSA-SA-2023-2264
2023-10-22 05:35:45
Advisory ROSA-SA-2024-2338
2024-02-06 08:15:12
altlinux
altlinux
Security fix for the ALT Linux 10 package libtiff version 4.4.0-alt2
2022-12-27 00:00:00
slackware
slackware
[slackware-security] libtiff
2023-01-04 02:19:46
debian
debian
[SECURITY] [DLA 3278-1] tiff security update
2023-01-20 22:37:38
[SECURITY] [DSA 5333-1] tiff security update
2023-01-29 12:55:02
apple
apple
About the security content of iOS 16.6 and iPadOS 16.6
2023-07-24 00:00:00
About the security content of macOS Ventura 13.5
2023-07-24 00:00:00