CVE-2022-22844 — Out-of-bounds Read in Libtiff

CWE-125 — Out-of-bounds Read10 documents7 sources

Severity

5.5MEDIUMNVD

OSV7.5

EPSS

0.1%

top 81.75%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Debian Tiff Debian Linux Libtiff +3 more

Timeline

PublishedJan 10

Latest updateSep 12

Description

LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages5 packages

▶NVDlibtiff/libtiff4.3.0

▶msrcmsrc/cbl2_libtiff_4.3.0-2_on_cbl_mariner_2.0

▶debiandebian/tiff< tiff 4.3.0-3 (bookworm)

▶msrcmsrc/cbl_mariner_2.0_arm

▶msrcmsrc/cbl_mariner_2.0_x64

Also affects: Debian Linux 10.0, 11.0, 9.0

🔴Vulnerability Details

OSV

tiff vulnerabilities↗2022-09-12

▶

OSV

tiff vulnerabilities↗2022-07-19

▶

GHSA

GHSA-3r35-352r-wrcc: LibTIFF 4↗2022-01-11

▶

OSV

CVE-2022-22844: LibTIFF 4↗2022-01-10

▶

📋Vendor Advisories

Ubuntu

LibTIFF vulnerabilities↗2022-09-12

▶

Ubuntu

LibTIFF vulnerabilities↗2022-07-19

▶

Microsoft

LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field.↗2022-01-11

▶

Red Hat

libtiff: out-of-bounds read in _TIFFmemcpy() in tif_unix.c↗2022-01-04

▶

Debian

CVE-2022-22844: tiff - LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain ...↗2022

▶