libtiff.so is vulnerable to NULL pointer dereference. The vulnerability exists in createImageSection
function in tiffcrop.c
because it doesn’t check for return value of limitMalloc which allows an attacker to cause an application crash by sending a crafted tiff file.
CPE | Name | Operator | Version |
---|---|---|---|
libtiff.so | eq | 5.4.0 | |
libtiff.so | eq | 3.9.4 | |
libtiff.so | eq | 5.7.0 | |
libtiff.so | eq | 5.2.0 | |
libtiff.so | le | 4.3.6 | |
tiff:edge | eq | 4.2.0-r1 | |
tiff:edge | eq | 4.1.0-r0 | |
tiff:edge | eq | 4.3.0-r0 | |
tiff:edge | eq | 4.2.0-r0 | |
tiff:3.15 | eq | 4.3.0-r0 |
github.com/advisories/GHSA-6q3c-x5wm-6w9c
gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0907.json
gitlab.com/libtiff/libtiff/-/commit/40b00cfb32256d377608b4d4cd30fac338d0a0bc
gitlab.com/libtiff/libtiff/-/issues/392
gitlab.com/libtiff/libtiff/-/merge_requests/314
lists.fedoraproject.org/archives/list/[email protected]/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/
lists.fedoraproject.org/archives/list/[email protected]/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/
security.gentoo.org/glsa/202210-10
security.netapp.com/advisory/ntap-20220506-0002/
www.debian.org/security/2022/dsa-5108