SUSE Linux Enterprise: 2018:1835-1 Moderate: tiff Denial of Service Fix

June 28, 2018
SUSE Security Update for libjpeg addresses 10 vulnerabilities rated as moderate. Detailed update procedures provided.
An update that fixes 13 vulnerabilities is now available

Summary

This update for tiff fixes the following security issues:

- CVE-2017-5225: Prevent heap buffer overflow in the tools/tiffcp that could have caused DoS or code execution via a crafted BitsPerSample value (bsc#1019611)
- CVE-2018-7456: Prevent a NULL pointer dereference in the function TIFFPrintDirectory when using the tiffinfo tool to print crafted TIFF information, a different vulnerability than CVE-2017-18013 (bsc#1082825)
- CVE-2017-11613: Prevent denial of service in the TIFFOpen function. During the TIFFOpen process, td_imagelength is not checked. The value of td_imagelength can be directly controlled by an input file. In the ChopUpSingleUncompressedStrip function, the _TIFFCheckMalloc function is called based on td_imagelength. If the value of td_imagelength is set
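The CVE-2017-11613 entry describes an allocation sized from a row count that the input file controls. The following is an added illustration of the defensive pattern for that class of bug, not code from libtiff or from SUSE's update: the struct, function names and sample values are hypothetical, and the check shown (validating the claimed row count against the real file size before allocating) is a generic mitigation rather than the actual patch.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical, simplified stand-in for values a TIFF reader takes from the file. */
struct img_dir {
    uint32_t image_length;    /* row count; file-controlled, like td_imagelength */
    uint64_t bytes_per_row;   /* derived from width, samples and bits per sample */
    uint64_t strip_bytecount; /* size the file claims for its single strip */
};

/* Number of per-row strip entries that may be allocated, or 0 when the
 * directory's claims cannot be backed by the real size of the file. */
size_t safe_strip_count(const struct img_dir *d, uint64_t file_size)
{
    if (d->image_length == 0 || d->bytes_per_row == 0)
        return 0;
    if (d->strip_bytecount > file_size)   /* strip cannot exceed the file */
        return 0;
    /* Overflow-safe form of image_length * bytes_per_row <= strip_bytecount. */
    if (d->image_length > d->strip_bytecount / d->bytes_per_row)
        return 0;
    return (size_t)d->image_length;
}

/* Allocate the offset and byte-count tables only after validation. */
uint64_t *alloc_strip_table(const struct img_dir *d, uint64_t file_size, size_t *n)
{
    *n = safe_strip_count(d, file_size);
    if (*n == 0)
        return NULL;
    return calloc(*n, 2 * sizeof(uint64_t)); /* calloc rejects size overflow */
}

int main(void)
{
    /* Constructed inputs: a 4096-byte file with a huge claimed row count,
     * then a consistent 100-row image. */
    struct img_dir hostile = { 0xFFFFFFFFu, 1, 0xFFFFFFFFu };
    struct img_dir valid = { 100, 30, 3000 };
    size_t n;
    uint64_t *t = alloc_strip_table(&hostile, 4096, &n);
    printf("hostile: table=%p entries=%zu\n", (void *)t, n);
    t = alloc_strip_table(&valid, 4096, &n);
    printf("valid: entries=%zu\n", n);
    free(t);
    return 0;
}
```
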

References

#1007276 #1011839 #1011846 #1017689 #1017690 #1019611 #1031263 #1082332 #1082825 #1086408 #974621

Cross-References: CVE-2014-8128 CVE-2015-7554 CVE-2016-10095 CVE-2016-10266 CVE-2016-3632 CVE-2016-5318 CVE-2016-8331 CVE-2016-9535 CVE-2016-9540 CVE-2017-11613 CVE-2017-5225 CVE-2018-7456 CVE-2018-8905

Affected Products:

SUSE Linux Enterprise Software Development Kit 11-SP4

SUSE Linux Enterprise Server 11-SP4

SUSE Linux Enterprise Debuginfo 11-SP4

https://www.suse.com/security/cve/CVE-2014-8128.html

https://www.suse.com/security/cve/CVE-2015-7554.html

https://www.suse.com/security/cve/CVE-2016-10095.html

https://www.suse.com/security/cve/CVE-2016-10266.html

https://www.suse.com/security/cve/CVE-2016-3632.html

Announcement ID: SUSE-SU-2018:1835-1
Rating: moderate
