Package        : tiff
Version        : 4.0.3-12.3+deb8u6
CVE ID         : CVE-2017-11613 CVE-2018-5784 CVE-2018-7456
                 CVE-2018-8905 CVE-2018-10963
Debian Bug     : 869823 898348 890441 891288 893806

Several issues were discovered in TIFF, the Tag Image File Format
library, that allowed remote attackers to cause a denial-of-service or
other unspecified impact via a crafted image file.

CVE-2017-11613: DoS vulnerability
    A crafted input will lead to a denial of service attack. During the
    TIFFOpen process, td_imagelength is not checked. The value of
    td_imagelength can be directly controlled by an input file. In the
    ChopUpSingleUncompressedStrip function, the _TIFFCheckMalloc
    function is called based on td_imagelength. If the value of
    td_imagelength is set close to the amount of system memory, it will
    hang the system or trigger the OOM killer.

CVE-2018-10963: DoS vulnerability
    The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF
    allows remote attackers to cause a denial of service (assertion
    failure and application crash) via a crafted file, a different
    vulnerability than CVE-2017-13726.

CVE-2018-5784: DoS vulnerability
    In LibTIFF, there is an uncontrolled resource consumption in the
    TIFFSetDirectory function of tif_dir.c. Remote attackers could
    leverage this vulnerability to cause a denial of service via a
    crafted tif file.
    This occurs because the declared number of directory entries is not
    validated against the actual number of directory entries.

CVE-2018-7456: NULL Pointer Dereference
    A NULL Pointer Dereference occurs in the function TIFFPrintDirectory
    in tif_print.c in LibTIFF when using the tiffinfo tool to print
    crafted TIFF information, a different vulnerability than
    CVE-2017-18013. (This affects an earlier part of the
    TIFFPrintDirectory function that was not addressed by the
    CVE-2017-18013 patch.)

CVE-2018-8905: Heap-based buffer overflow
    In LibTIFF, a heap-based buffer overflow occurs in the function
    LZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as
    demonstrated by tiff2ps.

For Debian 8 "Jessie", these problems have been fixed in version
4.0.3-12.3+deb8u6.

We recommend that you upgrade your tiff packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

Debian LTS: DLA-1411-1: tiff security update

July 2, 2018
Several issues were discovered in TIFF, the Tag Image File Format library, that allowed remote attackers to cause a denial-of-service or other unspecified impact via a crafted imag...

Summary

CVE-2018-10963: DoS vulnerability
The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF
allows remote attackers to cause a denial of service (assertion
failure and application crash) via a crafted file, a different
vulnerability than CVE-2017-13726.

CVE-2018-5784: DoS vulnerability
In LibTIFF, there is an uncontrolled resource consumption in the
TIFFSetDirectory function of tif_dir.c. Remote attackers could
leverage this vulnerability to cause a denial of service via a
crafted tif file.
This occurs because the declared number of directory entries is not
validated against the actual number of directory entries.

CVE-2018-7456: NULL Pointer Dereference
A NULL Pointer Dereference occurs in the function TIFFPrintDirectory
in tif_print.c in LibTIFF when using the tiffinfo tool to print
crafted TIFF information, a different vulnerability than
CVE-2017-18013. (This affects an earlier part of the
TIFFPrintDirectory function that was not addressed by the
CVE-2017-18013 patch.)

CVE-2018-8905: Heap-based buffer overflow
In LibTIFF, a heap-based buffer overflow occurs in the function
LZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as
demonstrated by tiff2ps.

For Debian 8 "Jessie", these problems have been fixed in version
4.0.3-12.3+deb8u6.

We recommend that you upgrade your tiff packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS


Severity
Package : tiff
Version : 4.0.3-12.3+deb8u6
CVE ID : CVE-2017-11613 CVE-2018-5784 CVE-2018-7456
Debian Bug : 869823 898348 890441 891288 893806

Related News

30.Lock Globe Motherboard Esm H320
1 - 2 min read
As cybersecurity practitioners, we are no strangers to the constant threat of malicious actors and the importance of remaining vigilant to protect
22.Lock ScreenEffect Esm H320
1 - 2 min read
EndeavorOS Gemini is a captivating and charming desktop operating system based on Arch Linux. The new release includes a kernel upgrade, 3D graphics
25.@Sign Hook Keyboard Esm H320
1 min read
Cyber risk is increasing for individuals and organizations, making flexible and robust solutions for identifying spam and malware increasingly
19.Laptop Bed Esm H320
2 - 3 min read
The recently released Linux Kernel 6.9 brings forth a blend of crucial upgrades and enhancements, catering to the ever-evolving needs of the Linux
4.Lock AbstractDigital Esm H320
1 - 2 min read
Nmap 7.95 introduces myriad enhancements, primarily focusing on OS and service detection signatures. This reflects the dedication of the Nmap
5.ShakingHands Esm H320
3 - 5 min read
There has been a promising shift in the tech industry, with major companies pledging to release products with built-in security features. This
18.WifiCutout Landscape Esm H320
2 - 3 min read
A novel attack called TunnelVision has been discovered. It compromises the security of virtually all VPN apps, rendering their purpose useless. The
21.Globe RadiatingCode Esm H320
2 - 3 min read
The recent discovery of a backdoor in XZ Utils , a widely used Linux tool, raises concerns about the security of the open-source ecosystem. While

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved