CVE-2022-0909 – tiff: Divide By Zero error in tiffcrop
https://notcve.org/view.php?id=CVE-2022-0909
Divide By Zero error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f8d0f9aa. Un error de División por cero en tiffcrop en libtiff versión 4.3.0 permite a atacantes causar una denegación de servicio por medio de un archivo tiff diseñado. Para usuarios que compilan libtiff a partir de fuentes, la corrección está disponible con el commit f8d0f9aa A floating-point exception (FPE) flaw was found in LibTIFF’s computeOutputPixelOffsets() function in tiffcrop.c file. This flaw allows an attacker with a crafted TIFF file to trigger a divide-by-zero error, causing a crash that leads to a denial of service. • https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0909.json https://gitlab.com/libtiff/libtiff/-/issues/393 https://gitlab.com/libtiff/libtiff/-/merge_requests/310 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2 https://security.gentoo.org/glsa/202210-10 https://security.netapp.com/advisory • CWE-369: Divide By Zero •
CVE-2022-0924 – libtiff: Out-of-bounds Read error in tiffcp
https://notcve.org/view.php?id=CVE-2022-0924
Out-of-bounds Read error in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 408976c4. Un error de Lectura Fuera de límites en tiffcp en libtiff versión 4.3.0, permite a atacantes causar una denegación de servicio por medio de un archivo tiff diseñado. Para usuarios que compilan libtiff a partir de las fuentes, la corrección está disponible con el commit 408976c4 A heap buffer overflow flaw was found in Libtiffs' cpContigBufToSeparateBuf() function of the tiffcp.c file. This flaw allows an attacker with a crafted TIFF file to trigger a heap out-of-bounds read access issue, causing a crash that leads to a denial of service. • https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0924.json https://gitlab.com/libtiff/libtiff/-/issues/278 https://gitlab.com/libtiff/libtiff/-/merge_requests/311 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2 https://security.gentoo.org/glsa/202210-10 https://security.netapp.com/advisory • CWE-125: Out-of-bounds Read •
CVE-2022-0891 – libtiff: heap buffer overflow in extractImageSection
https://notcve.org/view.php?id=CVE-2022-0891
A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact Un desbordamiento del búfer de la pila en la función ExtractImageSection en el archivo tiffcrop.c en libtiff library versión 4.3.0, permite a un atacante desencadenar un acceso no seguro o fuera de límites de la memoria por medio de un archivo de imagen TIFF diseñado, lo que podría resultar en un bloqueo de la aplicación, una posible divulgación de información o cualquier otro impacto dependiente del contexto • https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/232282fd8f9c21eefe8d2d2b96cdbbb172fe7b7c https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0891.json https://gitlab.com/libtiff/libtiff/-/issues/380 https://gitlab.com/libtiff/libtiff/-/issues/382 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQ4E654ZY • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVE-2022-0865 – libtiff: reachable assertion
https://notcve.org/view.php?id=CVE-2022-0865
Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 5e180045. Una Aserción Alcanzable en tiffcp en libtiff versión 4.3.0, permite a atacantes causar una denegación de servicio por medio de un archivo tiff diseñado. Para usuarios que compilan libtiff desde las fuentes, la corrección está disponible con el commit 5e180045 A reachable assertion failure was found in libtiff's JBIG functionality. This flaw allows an attacker who can submit a crafted file to an application linked with libtiff and using the JBIG functionality, causes a crash via an assertion failure, leading to a denial of service. • https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0865.json https://gitlab.com/libtiff/libtiff/-/issues/385 https://gitlab.com/libtiff/libtiff/-/merge_requests/306 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2 https://security.gentoo.org/glsa/202210-10 https://security.netapp.com/advisory • CWE-617: Reachable Assertion •
CVE-2022-0561 – libtiff: Denial of Service via crafted TIFF file
https://notcve.org/view.php?id=CVE-2022-0561
Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_dirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, the fix is available with commit eecb0712. Un puntero fuente null pasado como argumento a la función memcpy() dentro de TIFFFetchStripThing() en el archivo tif_dirread.c en libtiff versiones 3.9.0 a 4.3.0, podía conllevar a una denegación de servicio por medio de un archivo TIFF diseñado. Para usuarios que compilan libtiff desde las fuentes, la corrección está disponible con el commit eecb0712 A flaw was found in libtiff where a NULL source pointer passed as an argument to the memcpy() function within the TIFFFetchStripThing() in tif_dirread.c. This flaw allows an attacker with a crafted TIFF file to exploit this flaw, causing a crash and leading to a denial of service. • https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/eecb0712f4c3a5b449f70c57988260a667ddbdef https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0561.json https://gitlab.com/libtiff/libtiff/-/issues/362 https://lists.debian.org/debian-lts-announce/2022/03/msg00001.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DZEHZ35XVO2VBZ4HHCMM6J6TQIDSBQOM https://security.gentoo.org/glsa/202210-10 https://security.netapp.com/advis • CWE-476: NULL Pointer Dereference •