CVE-2022-0561: NULL Pointer Dereference in Libtiff

Severity: 5.5 MEDIUM (NVD)
EPSS: 0.1% (top 81.59%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Feb 11; latest update May 16

Description

A null source pointer passed as an argument to the memcpy() function within TIFFFetchStripThing() in tif_dirread.c in libtiff versions 3.9.0 to 4.3.0 could lead to denial of service via a crafted TIFF file. For users who compile libtiff from source, the fix is available in commit eecb0712.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Exploitability: 1.8 | Impact: 3.6

Affected Packages (2 packages)

NVD: libtiff/libtiff, 3.9.0 to 4.3.0
CVEListV5: libtiff/libtiff, >=3.9.0, <=4.3.0

Also affects: Debian Linux 10.0, 11.0, 9.0, Fedora 35, Enterprise Linux 8.0

🔴 Vulnerability Details (4)

OSV: tiff vulnerabilities (2022-05-16)
GHSA: GHSA-g7mf-pj82-5qhj: Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_dirread (2022-02-12)
CVEList: CVE-2022-0561: Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_dirread (2022-02-11)
OSV: CVE-2022-0561: Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_dirread (2022-02-11)

📋 Vendor Advisories (4)

Ubuntu: LibTIFF vulnerabilities (2022-05-16)
Red Hat: libtiff: Denial of Service via crafted TIFF file (2022-02-11)
Microsoft: Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_dirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to Denial of Service via crafted TIFF fi (2022-02-08)
Debian: CVE-2022-0561: tiff - Null source pointer passed as an argument to memcpy() function within TIFFFetchS... (2022)
CVE-2022-0561 — NULL Pointer Dereference in Libtiff | cvebase