Ubuntu 5743-1: LibTIFF vulnerability | LinuxSecurity.com
==========================================================================
Ubuntu Security Notice USN-5743-1
November 24, 2022

tiff vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 ESM

Summary:

LibTIFF could be made to crash or run programs as your login if it
opened a specially crafted file.

Software Description:
- tiff: Tag Image File Format (TIFF) library

Details:

It was discovered that LibTIFF incorrectly handled certain malformed
images. If a user or automated system were tricked into opening a 
specially crafted image, a remote attacker could crash the application, 
leading to a denial of service, or possibly execute arbitrary code with 
user privileges.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
   libtiff-tools                   4.0.6-1ubuntu0.8+esm8
   libtiff5                         4.0.6-1ubuntu0.8+esm8

In general, a standard system update will make all the necessary changes.

References:
   https://ubuntu.com/security/notices/USN-5743-1
   CVE-2022-3970

Ubuntu 5743-1: LibTIFF vulnerability

November 24, 2022

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 ESM Summary: LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. Software Description: - tiff: Tag Image File Format (TIFF) library Details: It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges.

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 ESM: libtiff-tools 4.0.6-1ubuntu0.8+esm8 libtiff5 4.0.6-1ubuntu0.8+esm8 In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5743-1

CVE-2022-3970

Severity
Ubuntu Security Notice USN-5743-1

Package Information

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.