CVE-2022-0891
published 2022-03-10CVE-2022-0891: A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory…
PriorityP431high7.1CVSS 3.1
AVNACLPRNUIRSUCLINAH
EPSS
1.54%
71.8th percentile
A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | tiff | < tiff 4.3.0-6 (bookworm) | tiff 4.3.0-6 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | 3.9.0 – 4.3.0 | — |
| msrc | cbl2_libtiff_4.3.0-2_on_cbl_mariner_2.0 | — | — |
| msrc | cm1_libtiff_4.1.0-3_on_cbl_mariner_1.0 | — | — |
CVSS provenance
nvdv3.17.1HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
nvdv2.05.8MEDIUMAV:N/AC:M/Au:N/C:P/I:N/A:P
osv7.1HIGH
vendor_msrc7.1HIGH
vendor_debian6.1MEDIUM
vendor_redhat6.1MEDIUM
vendor_ubuntu5.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
tiff vulnerabilities
osv·2022-05-16·CVSS 5.5
CVE-2020-35522 [MEDIUM] tiff vulnerabilities
tiff vulnerabilities
It was discovered that LibTIFF incorrectly handled certain images.
An attacker could possibly use this issue to cause a crash,
resulting in a denial of service. This issue only affects
Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS and
Ubuntu 20.04 LTS. (CVE-2020-35522)
Chintan Shah discovered that LibTIFF incorrectly handled memory when
handling certain images. An attacker could possibly use this issue to
cause a crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2022-0561, CVE-2022-0562, CVE-2022-0891)
It was discovered that LibTIFF incorrectly handled certain images.
An attacker could possibly use this issue to cause a crash,
resulting in a denial of service. This issue only affects
Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubunt
GHSA
GHSA-ppwc-w499-gfmh: A heap buffer overflow in ExtractImageSection function in tiffcrop
ghsa_unreviewed·2022-03-11
CVE-2022-0891 [HIGH] CWE-787 GHSA-ppwc-w499-gfmh: A heap buffer overflow in ExtractImageSection function in tiffcrop
A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact
OSV
CVE-2022-0891: A heap buffer overflow in ExtractImageSection function in tiffcrop
osv·2022-03-10·CVSS 7.1
CVE-2022-0891 [HIGH] CVE-2022-0891: A heap buffer overflow in ExtractImageSection function in tiffcrop
A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact
Ubuntu
LibTIFF vulnerabilities
vendor_ubuntu·2022-05-16·CVSS 5.5
CVE-2022-0891 [MEDIUM] LibTIFF vulnerabilities
Title: LibTIFF vulnerabilities
Summary: Several security issues were fixed in LibTIFF.
It was discovered that LibTIFF incorrectly handled certain images.
An attacker could possibly use this issue to cause a crash,
resulting in a denial of service. This issue only affects
Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS and
Ubuntu 20.04 LTS. (CVE-2020-35522)
Chintan Shah discovered that LibTIFF incorrectly handled memory when
handling certain images. An attacker could possibly use this issue to
cause a crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2022-0561, CVE-2022-0562, CVE-2022-0891)
It was discovered that LibTIFF incorrectly handled certain images.
An attacker could possibly use this issue to cause a crash,
resulting in a denial of service. T
Microsoft
A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which
vendor_msrc·2022-03-08·CVSS 7.1
CVE-2022-0891 [MEDIUM] CWE-787 A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which
A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash potential information disclosure or any other context-dependent impact
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025.
Red Hat
libtiff: heap buffer overflow in extractImageSection
vendor_redhat·2022-02-22·CVSS 6.1
CVE-2022-0891 [MEDIUM] CWE-120 libtiff: heap buffer overflow in extractImageSection
libtiff: heap buffer overflow in extractImageSection
A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact
Statement: The severity of this flaw was changed to Low because it is an out-of-bounds read of 1 byte and in the tiffcrop tool rather than in the library.
Package: libtiff (Red Hat Enterprise Linux 6) - Out of support scope
Package: compat-libtiff3 (Red Hat Enterprise Linux 7) - Out of support scope
Package: libtiff (Red Hat Enterprise Linux 7) - Out of support scope
Package: compat-libtiff3 (Red Hat Enterprise Linux 8) - Fix de
Debian
CVE-2022-0891: tiff - A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff ...
vendor_debian·2022·CVSS 6.1
CVE-2022-0891 [MEDIUM] CVE-2022-0891: tiff - A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff ...
A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact
Scope: local
bookworm: resolved (fixed in 4.3.0-6)
bullseye: resolved (fixed in 4.2.0-1+deb11u1)
forky: resolved (fixed in 4.3.0-6)
sid: resolved (fixed in 4.3.0-6)
trixie: resolved (fixed in 4.3.0-6)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/232282fd8f9c21eefe8d2d2b96cdbbb172fe7b7chttps://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0891.jsonhttps://gitlab.com/libtiff/libtiff/-/issues/380https://gitlab.com/libtiff/libtiff/-/issues/382https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/https://security.gentoo.org/glsa/202210-10https://security.netapp.com/advisory/ntap-20221228-0008/https://www.debian.org/security/2022/dsa-5108https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/232282fd8f9c21eefe8d2d2b96cdbbb172fe7b7chttps://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0891.jsonhttps://gitlab.com/libtiff/libtiff/-/issues/380https://gitlab.com/libtiff/libtiff/-/issues/382https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/https://security.gentoo.org/glsa/202210-10https://security.netapp.com/advisory/ntap-20221228-0008/https://www.debian.org/security/2022/dsa-5108
2022-03-10
Published