libtiff-4.4.0-15.el9
エラータID: AXSA:2025-11144:09
Release date:
Friday, November 28, 2025 - 11:52
Subject:
libtiff-4.4.0-15.el9
Affected Channels:
MIRACLE LINUX 9 for x86_64
Severity:
Moderate
Description:
The libtiff packages contain a library of functions for manipulating Tagged
Image File Format (TIFF) files.
Security Fix(es):
libtiff: TIFFRasterScanlineSize64 produce too-big size and could cause OOM
(CVE-2023-52355)
libtiff: Segment fault in libtiff in TIFFReadRGBATileExt() leading to denial
of service (CVE-2023-52356)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.
For detailed information on changes in this release, see the MIRACLE LINUX 9
Release Notes linked from the References section.
CVE(s):
CVE-2023-52355
CVE-2023-52356
Solution:
Update packages.
CVEs:
CVE-2023-52355
An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB.
An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB.
CVE-2023-52356
A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service.
A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service.
Additional Info:
N/A
Download:
SRPMS
- libtiff-4.4.0-15.el9.src.rpm
MD5: 4357a492db5e2fb14dae37688ce311da
SHA-256: dc3840d52c59e6ee57fc7873f531be78a7249ef874a59c6d7f9227bb4f3c8a32
Size: 2.77 MB
Asianux Server 9 for x86_64
- libtiff-4.4.0-15.el9.i686.rpm
MD5: ec7887bee7cba1a8218e3511ea96a63b
SHA-256: 526ee8138b9792a245dcdafa83d0793ed57a845f8823048eccba69c0b891061d
Size: 213.59 kB - libtiff-4.4.0-15.el9.x86_64.rpm
MD5: 3b40684dc1a39c4891e7cba99952be04
SHA-256: b121f70b8e054691fad07d7de2e0f0484dac4ed67f7c98056a4861006ab8d4d4
Size: 195.94 kB - libtiff-devel-4.4.0-15.el9.i686.rpm
MD5: 11aaea23414549d7e5ca0cefb3eb716c
SHA-256: 12d7bc0215db4f6977d8d18918a41eb342e473051943190c4c48146b6c175b14
Size: 573.84 kB - libtiff-devel-4.4.0-15.el9.x86_64.rpm
MD5: c7083c5cf8e02dd31b013cc3b25f27f7
SHA-256: 66a25f632678e9109777cc3c7540eebcebe7f8159913399f65bf740531804b03
Size: 573.81 kB - libtiff-tools-4.4.0-15.el9.x86_64.rpm
MD5: 3f673fc4c62a517d11a35fb2213d5eaa
SHA-256: 9c5fe16dd17f104530ab213b76127cf94edc75fb32445b3b52b77ebb9faa6528
Size: 244.17 kB
日本語