CVE-2022-3627
libtiff: out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6860, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191.
LibTIFF versión 4.4.0, presenta una escritura fuera de límites en _TIFFmemcpy en el archivo libtiff/tif_unix.c:346 cuando se llama desde extractImageSection, tools/tiffcrop.c:6860, permitiendo a atacantes causar una denegación de servicio por medio de un archivo tiff diseñado. Para los usuarios que compilan libtiff desde las fuentes, la corrección está disponible con el commit 236b7191
An out-of-bounds write flaw was found in the _TIFFmemcpy function in libtiff/tif_unix.c in the libtiff package. By persuading a victim to open a specially-crafted TIFF image file, a remote attacker could cause a denial of service condition.
It was discovered that LibTIFF incorrectly handled certain memory operations when using tiffcrop. An attacker could trick a user into processing a specially crafted tiff image file and potentially use this issue to cause a denial of service. This issue only affected Ubuntu 22.10. It was discovered that LibTIFF did not properly perform bounds checking in certain operations when using tiffcrop. An attacker could trick a user into processing a specially crafted tiff image file and potentially use this issue to allow for information disclosure or to cause the application to crash. This issue only affected to Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-10-21 CVE Reserved
- 2022-10-21 CVE Published
- 2024-08-03 CVE Updated
- 2024-08-03 First Exploit
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-787: Out-of-bounds Write
CAPEC
References (8)
| URL | Tag | Source |
|---|---|---|
| https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3627.json | Third Party Advisory | |
| https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html | Mailing List |
|
| https://security.netapp.com/advisory/ntap-20230110-0001 | Third Party Advisory |
|
| URL | Date | SRC |
|---|---|---|
| https://gitlab.com/libtiff/libtiff/-/issues/411 | 2024-08-03 |
| URL | Date | SRC |
|---|---|---|
| https://gitlab.com/libtiff/libtiff/-/commit/236b7191f04c60d09ee836ae13b50f812c841047 | 2023-02-23 |
| URL | Date | SRC |
|---|---|---|
| https://www.debian.org/security/2023/dsa-5333 | 2023-02-23 | |
| https://access.redhat.com/security/cve/CVE-2022-3627 | 2023-05-16 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2142742 | 2023-05-16 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Libtiff Search vendor "Libtiff" | Libtiff Search vendor "Libtiff" for product "Libtiff" | <= 4.4.0 Search vendor "Libtiff" for product "Libtiff" and version " <= 4.4.0" | - |
Affected
| ||||||
| Netapp Search vendor "Netapp" | Active Iq Unified Manager Search vendor "Netapp" for product "Active Iq Unified Manager" | - | vmware_vsphere |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 10.0 Search vendor "Debian" for product "Debian Linux" and version "10.0" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 11.0 Search vendor "Debian" for product "Debian Linux" and version "11.0" | - |
Affected
| ||||||