[Bugs] [Bug 13268] New: [CVE 21] libtiff 4.1.0 CVEs found

bugzilla bugzilla на rosalinux.ru
Ср Май 3 17:00:18 MSK 2023 

https://bugzilla.rosalinux.ru/show_bug.cgi?id=13268

          Platform: 2021.1
            Bug ID: 13268
           Summary: [CVE 21] libtiff 4.1.0  CVEs found
    Classification: ROSA-based products
           Product: ROSA Fresh
           Version: All
          Hardware: All
               URL: CVE-2022-2868, CVE-2022-2869, CVE-2022-3570,
                    CVE-2022-3970, CVE-2023-1916,
                OS: Linux
            Status: CONFIRMED
          Severity: normal
          Priority: Normal
         Component: System (kernel, glibc, systemd, bash, PAM...)
          Assignee: bugs на lists.rosalinux.ru
          Reporter: y.tumanov на rosalinux.ru
        QA Contact: bugs на lists.rosalinux.ru
                CC: s.matveev на rosalinux.ru, y.tumanov на rosalinux.ru
  Target Milestone: ---
             Flags: secteam_verified?

Please patch CVEs for package libtiff version 4.1.0

INFO (CVEs are): libtiff 4.1.0
 cves found
CVE-2022-2868
Desc: libtiff's tiffcrop utility has a improper input validation flaw that can
lead to out of bounds read and ultimately cause a crash if an attacker is able
to supply a crafted file to tiffcrop.
Link: https://nvd.nist.gov/vuln/detail/CVE-2022-2868
Severity: MEDIUM
CVE-2022-2869
Desc: libtiff's tiffcrop tool has a uint32_t underflow which leads to out of
bounds read and write in the extractContigSamples8bits routine. An attacker who
supplies a crafted file to tiffcrop could trigger this flaw, most likely by
tricking a user into opening the crafted file with tiffcrop. Triggering this
flaw could cause a crash or potentially further exploitation.
Link: https://nvd.nist.gov/vuln/detail/CVE-2022-2869
Severity: MEDIUM
CVE-2022-3570
Desc: Multiple heap buffer overflows in tiffcrop.c utility in libtiff library
Version 4.4.0 allows attacker to trigger unsafe or out of bounds memory access
via crafted TIFF image file which could result into application crash,
potential information disclosure or any other context-dependent impact
Link: https://nvd.nist.gov/vuln/detail/CVE-2022-3570
Severity: MEDIUM
CVE-2022-3970
Desc: A vulnerability was found in LibTIFF. It has been classified as critical.
This affects the function TIFFReadRGBATileExt of the file
libtiff/tif_getimage.c. The manipulation leads to integer overflow. It is
possible to initiate the attack remotely. The exploit has been disclosed to the
public and may be used. The name of the patch is
227500897dfb07fb7d27f7aa570050e62617e3be. It is recommended to apply a patch to
fix this issue. The identifier VDB-213549 was assigned to this vulnerability.
Link: https://nvd.nist.gov/vuln/detail/CVE-2022-3970
Severity: HIGH
CVE-2023-1916
Desc: A flaw was found in tiffcrop, a program distributed by the libtiff
package. A specially crafted tiff file can lead to an out-of-bounds read in the
extractImageSection function in tools/tiffcrop.c, resulting in a denial of
service and limited information disclosure. This issue affects libtiff versions
4.x.
Link: https://nvd.nist.gov/vuln/detail/CVE-2023-1916
Severity: MEDIUM

-- 
You are receiving this mail because:
You are the QA Contact for the bug.
You are the assignee for the bug.
----------- следущая часть -----------
Вложение в формате HTML было извлечено…
URL: <http://lists.rosalinux.ru/pipermail/bugs/attachments/20230503/ec78dba6/attachment.html>

Подробная информация о списке рассылки Bugs