CVE-2022-3597
libtiff: out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6826, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191.
LibTIFF versión 4.4.0, presenta una escritura fuera de límites en el archivo _TIFFmemcpy en libtiff/tif_unix.c:346 cuando es llamado desde extractImageSection, tools/tiffcrop.c:6826, permitiendo a atacantes causar una denegación de servicio por medio de un archivo tiff diseñado. Para los usuarios que compilan libtiff desde las fuentes, la corrección está disponible con el commit 236b7191
An out-of-bounds write flaw was found in the _TIFFmemcpy function in libtiff/tif_unix.c in the libtiff package. By persuading a victim to open a specially-crafted TIFF image file, a remote attacker could cause a denial of service condition.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-10-19 CVE Reserved
- 2022-10-21 CVE Published
- 2024-06-11 EPSS Updated
- 2024-08-03 CVE Updated
- 2024-08-03 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-125: Out-of-bounds Read
- CWE-787: Out-of-bounds Write
CAPEC
References (8)
| URL | Tag | Source |
|---|---|---|
| https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3597.json | Third Party Advisory | |
| https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html | Mailing List |
|
| https://security.netapp.com/advisory/ntap-20230110-0001 | Third Party Advisory |
|
| URL | Date | SRC |
|---|---|---|
| https://gitlab.com/libtiff/libtiff/-/issues/413 | 2024-08-03 |
| URL | Date | SRC |
|---|---|---|
| https://gitlab.com/libtiff/libtiff/-/commit/236b7191f04c60d09ee836ae13b50f812c841047 | 2023-02-23 |
| URL | Date | SRC |
|---|---|---|
| https://www.debian.org/security/2023/dsa-5333 | 2023-02-23 | |
| https://access.redhat.com/security/cve/CVE-2022-3597 | 2023-05-09 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2142736 | 2023-05-09 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Libtiff Search vendor "Libtiff" | Libtiff Search vendor "Libtiff" for product "Libtiff" | <= 4.4.0 Search vendor "Libtiff" for product "Libtiff" and version " <= 4.4.0" | - |
Affected
| ||||||
| Netapp Search vendor "Netapp" | Active Iq Unified Manager Search vendor "Netapp" for product "Active Iq Unified Manager" | - | vmware_vsphere |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 10.0 Search vendor "Debian" for product "Debian Linux" and version "10.0" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 11.0 Search vendor "Debian" for product "Debian Linux" and version "11.0" | - |
Affected
| ||||||