ALAS2023-2023-067 --- libtiffID: oval:org.secpod.oval:def:19500002 | Date: (C)2023-06-12 (M)2023-07-26 |
Class: PATCH | Family: unix |
There is a double free or corruption in rotateImage at tiffcrop.c:8839 found in libtiff 4.4.0rc1. A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage at tiffcrop.c:8621 that can cause program crash when reading a crafted input. It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose at tif_close.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while processing crafted input. libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds read and ultimately cause a crash if an attacker is able to supply a crafted file to tiffcrop. LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 48d6ece8
Platform: |
Amazon Linux 2023 |