CVE-2022-4645

libtiff: out-of-bounds read in tiffcp in tools/tiffcp.c

Severity Score

5.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track*

*SSVC

Descriptions

LibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125.

A flaw was found in tiffcp, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the tiffcp function in tools/tiffcp.c, resulting in a denial of service and limited information disclosure.

The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Issues addressed include buffer overflow, integer overflow, out of bounds read, and out of bounds write vulnerabilities.

*Credits: wangdw.augustus@gmail.com

CVSS Scores

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

Required

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

Single

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:Track*

Exploitation

Poc

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2022-12-22 CVE Reserved
2023-03-03 CVE Published
2025-03-30 EPSS Updated
2025-04-04 CVE Updated
2025-04-04 First Exploit
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-125: Out-of-bounds Read

CAPEC

References (9)

URL	Tag	Source
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-4645.json	Third Party Advisory
https://security.netapp.com/advisory/ntap-20230331-0001

URL	Date	SRC
https://gitlab.com/libtiff/libtiff/-/issues/277	2025-04-04

URL	Date	SRC
https://gitlab.com/libtiff/libtiff/-/commit/e813112545942107551433d61afd16ac094ff246	2023-11-07

URL	Date	SRC
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ZTFA6GGOKFPIQNHDBMXYUR4XUXUJESE	2023-11-07
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BA6GRCAQ7NR2OK5N44UQRGUJBIYKWJJH	2023-11-07
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OLM763GGZVVOAXIQXG6YGTYJ5VFYNECQ	2023-11-07
https://access.redhat.com/security/cve/CVE-2022-4645	2024-05-22
https://bugzilla.redhat.com/show_bug.cgi?id=2176220	2024-05-22

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Libtiff Search vendor "Libtiff"		Libtiff Search vendor "Libtiff" for product "Libtiff"				<= 4.4.0 Search vendor "Libtiff" for product "Libtiff" and version " <= 4.4.0"		-		Affected