CVE-2022-3599
libtiff: out-of-bounds read in writeSingleSection in tools/tiffcrop.c
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
LibTIFF 4.4.0 has an out-of-bounds read in writeSingleSection in tools/tiffcrop.c:7345, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125.
LibTIFF versión 4.4.0, presenta una lectura fuera de límites en writeSingleSection en el archivo tools/tiffcrop.c:7345, lo que permite a atacantes causar una denegación de servicio por medio de un archivo tiff diseñado. Para los usuarios que compilan libtiff desde las fuentes, la corrección está disponible con el commit e8131125
An out-of-bounds read flaw was found in the writeSingleSection function in tools/tiffcrop.c in the libtiff package. By persuading a victim to open a specially-crafted TIFF image file, a remote attacker could cause a denial of service condition.
It was discovered that LibTIFF incorrectly handled certain memory operations when using tiffcrop. An attacker could trick a user into processing a specially crafted tiff image file and potentially use this issue to cause a denial of service. This issue only affected Ubuntu 22.10. It was discovered that LibTIFF did not properly perform bounds checking in certain operations when using tiffcrop. An attacker could trick a user into processing a specially crafted tiff image file and potentially use this issue to allow for information disclosure or to cause the application to crash. This issue only affected to Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-10-19 CVE Reserved
- 2022-10-21 CVE Published
- 2024-08-03 CVE Updated
- 2024-08-03 First Exploit
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-125: Out-of-bounds Read
CAPEC
References (8)
| URL | Tag | Source |
|---|---|---|
| https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3599.json | Third Party Advisory | |
| https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html | Mailing List |
|
| https://security.netapp.com/advisory/ntap-20230110-0001 | Third Party Advisory |
|
| URL | Date | SRC |
|---|---|---|
| https://gitlab.com/libtiff/libtiff/-/issues/398 | 2024-08-03 |
| URL | Date | SRC |
|---|---|---|
| https://gitlab.com/libtiff/libtiff/-/commit/e813112545942107551433d61afd16ac094ff246 | 2023-02-23 |
| URL | Date | SRC |
|---|---|---|
| https://www.debian.org/security/2023/dsa-5333 | 2023-02-23 | |
| https://access.redhat.com/security/cve/CVE-2022-3599 | 2023-05-09 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2142740 | 2023-05-09 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Libtiff Search vendor "Libtiff" | Libtiff Search vendor "Libtiff" for product "Libtiff" | <= 4.4.0 Search vendor "Libtiff" for product "Libtiff" and version " <= 4.4.0" | - |
Affected
| ||||||
| Netapp Search vendor "Netapp" | Active Iq Unified Manager Search vendor "Netapp" for product "Active Iq Unified Manager" | - | vmware_vsphere |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 10.0 Search vendor "Debian" for product "Debian Linux" and version "10.0" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 11.0 Search vendor "Debian" for product "Debian Linux" and version "11.0" | - |
Affected
| ||||||