libtiff-4.4.0-10.el9

Errata ID: AXSA:2023-6618:08

Release date: Thursday, December 7, 2023 - 06:38
Subject: libtiff-4.4.0-10.el9
Affected Channels: MIRACLE LINUX 9 for x86_64
Severity: Moderate
Description: 

The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files.

Security Fix(es):

* libtiff: null pointer dereference in LZWDecode() in libtiff/tif_lzw.c (CVE-2023-2731)
* libtiff: tiffcrop: null pointer dereference in TIFFClose() (CVE-2023-3316)
* libtiff: memory leak in tiffcrop.c (CVE-2023-3576)
* libtiff: heap-based use after free via a crafted TIFF image in loadImage() in tiffcrop.c (CVE-2023-26965)
* libtiff: Buffer Overflow in uv_encode() (CVE-2023-26966)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2023-26965
loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image.
CVE-2023-26966
libtiff 4.5.0 is vulnerable to Buffer Overflow in uv_encode() when libtiff reads a corrupted little-endian TIFF file and specifies the output to be big-endian.
CVE-2023-2731
A NULL pointer dereference flaw was found in Libtiff's LZWDecode() function in the libtiff/tif_lzw.c file. This flaw allows a local attacker to craft specific input data that can cause the program to dereference a NULL pointer when decompressing a TIFF format file, resulting in a program crash or denial of service.
CVE-2023-3316
A NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existent path or a path that requires permissions like /dev/null) while specifying zones.
CVE-2023-3576
A memory leak flaw was found in Libtiff's tiffcrop utility. This issue occurs when tiffcrop operates on a TIFF image file, allowing an attacker to pass a crafted TIFF image file to the tiffcrop utility, which causes this memory leak issue, resulting in an application crash and eventually leading to a denial of service.

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. libtiff-4.4.0-10.el9.src.rpm
    MD5: 235edc2043e29f4620243dd8b5fae42c
    SHA-256: efc760fc0f99661e8b7c573dc483c024c320719dc939b0a0136b7701c2350dcb
    Size: 2.75 MB

Asianux Server 9 for x86_64
  1. libtiff-4.4.0-10.el9.i686.rpm
    MD5: 06da197d7cb03aa21505d1d34327a48f
    SHA-256: dd6ba0e625c79e0b0107e599dcea090ca6228bc72004343ab24e93a831b1ff23
    Size: 213.04 kB
  2. libtiff-4.4.0-10.el9.x86_64.rpm
    MD5: f75171aee6b1ea72dbcd5fa434240e12
    SHA-256: bd84d447c1618193e77e76702be050a1681b64d8548769ecdc78281f95b14c35
    Size: 195.54 kB
  3. libtiff-devel-4.4.0-10.el9.i686.rpm
    MD5: b1b0ea2f33614c330fc09f6b33ac5d5f
    SHA-256: 8b75bcbef47695f0907b5addee8f142e2086e3bca4b2ff3e2757b705d08247b6
    Size: 513.27 kB
  4. libtiff-devel-4.4.0-10.el9.x86_64.rpm
    MD5: 4c1173e35a5c2166dbd4a380a9681f38
    SHA-256: acc22dc0a5df5e13e902e21fdedf36bc39d67909c0787465ddb62c6677553738
    Size: 513.31 kB
  5. libtiff-tools-4.4.0-10.el9.x86_64.rpm
    MD5: a98d03e15fb014f308db9a9949b7d9e6
    SHA-256: 357f6cee647da8daab8620d2b26f37e828940f91b07babba09220bf353ad7c6c
    Size: 236.02 kB
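A post-update check for the "Update packages" step and the download list above, added here as an example and not part of the advisory or of the libtiff project: it compares an installed VERSION-RELEASE against the fixed build 4.4.0-10.el9 using a port of rpm's rpmvercmp ordering, and checks a downloaded RPM against the SHA-256 values listed in this errata. It assumes libtiff on el9 carries no epoch; the two hashes are copied from the download list.

```python
import hashlib
import re

# Fixed build named in this errata, and SHA-256 values copied from its download list.
FIXED_VR = "4.4.0-10.el9"
ADVISORY_SHA256 = {
    "libtiff-4.4.0-10.el9.x86_64.rpm": "bd84d447c1618193e77e76702be050a1681b64d8548769ecdc78281f95b14c35",
    "libtiff-tools-4.4.0-10.el9.x86_64.rpm": "357f6cee647da8daab8620d2b26f37e828940f91b07babba09220bf353ad7c6c",
}

_SEG = re.compile(r"[0-9]+|[A-Za-z]+|~")  # rpm skips every other separator character


def rpmvercmp(a: str, b: str) -> int:
    """Port of rpm's rpmvercmp ordering (without the '^' operator): numeric segments
    compare as integers, alpha segments lexically, numeric beats alpha, '~' sorts lowest."""
    sa, sb = _SEG.findall(a), _SEG.findall(b)
    for x, y in zip(sa, sb):
        if "~" in (x, y):
            if x != y:
                return -1 if x == "~" else 1
            continue
        if x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1
        if x.isdigit():
            x, y = x.lstrip("0"), y.lstrip("0")
            if len(x) != len(y):
                return 1 if len(x) > len(y) else -1
        if x != y:
            return 1 if x > y else -1
    if len(sa) == len(sb):
        return 0
    a_longer = len(sa) > len(sb)
    # extra segments win, unless the first extra one is a '~' pre-release marker (1.0 > 1.0~rc1)
    tilde = (sa if a_longer else sb)[min(len(sa), len(sb))] == "~"
    return (-1 if tilde else 1) if a_longer else (1 if tilde else -1)


def is_fixed(installed_vr: str, fixed_vr: str = FIXED_VR) -> bool:
    """True when an installed VERSION-RELEASE is at or past the errata build.
    Epoch is ignored (assumption: libtiff on el9 has none)."""
    iv, ir = installed_vr.partition("-")[::2]
    fv, fr = fixed_vr.partition("-")[::2]
    return (rpmvercmp(iv, fv) or rpmvercmp(ir, fr)) >= 0


def rpm_sha256_matches(filename: str, data: bytes) -> bool:
    """Compare a downloaded RPM's bytes against the SHA-256 the advisory lists for that file."""
    expected = ADVISORY_SHA256.get(filename)
    return expected is not None and hashlib.sha256(data).hexdigest() == expected
```

Feed `is_fixed` each line of `rpm -q --qf '%{VERSION}-%{RELEASE}\n' libtiff` (a multilib host prints one line per architecture, and every line must pass).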