Debian Tiff vulnerabilities

269 known vulnerabilities affecting debian/tiff.

Total CVEs: 269
CISA KEV: 0
Public exploits: 16
Exploited in wild: 0
Severity breakdown: CRITICAL 16, HIGH 65, MEDIUM 128, LOW 60

Vulnerabilities

Page 3 of 14
CVE-2023-30775 | LOW | CVSS 5.5 | fixed in tiff 4.5.0-2 (bookworm) | 2023
CVE-2023-30775 [MEDIUM] tiff: A vulnerability was found in the libtiff library. This security flaw causes a heap buffer overflow in extractContigSamples32bits, tiffcrop.c.
Scope: local
bookworm: resolved (fixed in 4.5.0-2); bullseye: open; forky: resolved (fixed in 4.5.0-2); sid: resolved (fixed in 4.5.0-2); trixie: resolved (fixed in 4.5.0-2)

CVE-2023-3164 | LOW | CVSS 5.5 | fixed in tiff 4.7.0-1 (forky) | 2023
CVE-2023-3164 [MEDIUM] tiff: A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection() at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. This flaw allows attackers to cause a denial of service via a crafted tiff file.
Scope: local
bookworm: open; bullseye: open; forky: resolved (fixed in 4.7.0-1); sid: resolved (fixed in 4.7.0-1); trixie: resolved (fixed in 4.7.0-1)

CVE-2023-1916 | LOW | CVSS 6.1 | fixed in tiff 4.7.0-1 (forky) | 2023
CVE-2023-1916 [MEDIUM] tiff: A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the extractImageSection function in tools/tiffcrop.c, resulting in a denial of service and limited information disclosure. This issue affects libtiff versions 4.x.
Scope: local
bookworm: open; bullseye: open; forky: resolved (fixe

CVE-2023-6228 | LOW | CVSS 3.3 | fixed in tiff 4.7.0-1 (forky) | 2023
CVE-2023-6228 [LOW] tiff: An issue was found in the tiffcp utility distributed by the libtiff package where a crafted TIFF file, on processing, may cause a heap-based buffer overflow that leads to an application crash.
Scope: local
bookworm: open; bullseye: open; forky: resolved (fixed in 4.7.0-1); sid: resolved (fixed in 4.7.0-1); trixie: resolved (fixed in 4.7.0-1)

CVE-2022-3570 | HIGH | CVSS 7.7 | fixed in tiff 4.4.0-5 (bookworm) | 2022
CVE-2022-3570 [HIGH] tiff: Multiple heap buffer overflows in the tiffcrop.c utility in libtiff library version 4.4.0 allow an attacker to trigger unsafe or out-of-bounds memory access via a crafted TIFF image file, which could result in an application crash, potential information disclosure or any other context-dependent impact.
Scope: local
bookworm: resolved (fixed in 4.4.0-5); bullseye: resolved (fixed in

CVE-2022-0908 | HIGH | CVSS 7.7 | fixed in tiff 4.3.0-6 (bookworm) | 2022
CVE-2022-0908 [HIGH] tiff: A null source pointer passed as an argument to the memcpy() function within TIFFFetchNormalTag() in tif_dirread.c in libtiff versions up to 4.3.0 could lead to denial of service via a crafted TIFF file.
Scope: local
bookworm: resolved (fixed in 4.3.0-6); bullseye: resolved (fixed in 4.2.0-1+deb11u1); forky: resolved (fixed in 4.3.0-6); sid: resolved (fixed in 4.3.0-6); trixie: reso

CVE-2022-3627 | MEDIUM | CVSS 5.5 | fixed in tiff 4.4.0-5 (bookworm) | 2022
CVE-2022-3627 [MEDIUM] tiff: LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6860, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191.
Scope: local
bookworm: resolved (fixed in 4.4.0-5); bullseye: resolv

CVE-2022-0891 | MEDIUM | CVSS 6.1 | fixed in tiff 4.3.0-6 (bookworm) | 2022
CVE-2022-0891 [MEDIUM] tiff: A heap buffer overflow in the ExtractImageSection function in tiffcrop.c in libtiff library version 4.3.0 allows an attacker to trigger unsafe or out-of-bounds memory access via a crafted TIFF image file, which could result in an application crash, potential information disclosure or any other context-dependent impact.
Scope: local
bookworm: resolved (fixed in 4.3.0-6); bullseye: r

CVE-2022-34526 | MEDIUM | CVSS 6.5 | fixed in tiff 4.4.0-4 (bookworm) | 2022
CVE-2022-34526 [MEDIUM] tiff: A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit v4.4.0. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted TIFF file parsed by the "tiffsplit" or "tiffcrop" utilities.
Scope: local
bookworm: resolved (fixed in 4.4.0-4); bullseye: resolved (fixed in 4.2.0-1+deb11u3); forky: resolved (fixed in 4.4.0-4); sid: re

CVE-2022-1355 | MEDIUM | CVSS 6.1 | fixed in tiff 4.3.0-8 (bookworm) | 2022
CVE-2022-1355 [MEDIUM] tiff: A stack buffer overflow flaw was found in the main() function of libtiff's tiffcp.c. This flaw allows an attacker to pass a crafted TIFF file to the tiffcp tool, triggering a stack buffer overflow issue, possibly corrupting the memory, and causing a crash that leads to a denial of service.
Scope: local
bookworm: resolved (fixed in 4.3.0-8); bullseye: resolved (fixed in 4.2.

CVE-2022-2057 | MEDIUM | CVSS 5.5 | fixed in tiff 4.4.0-3 (bookworm) | 2022
CVE-2022-2057 [MEDIUM] tiff: Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.
Scope: local
bookworm: resolved (fixed in 4.4.0-3); bullseye: resolved (fixed in 4.2.0-1+deb11u3); forky: resolved (fixed in 4.4.0-3); sid: resolved (fixed in 4.4.0-

CVE-2022-0907 | MEDIUM | CVSS 5.5 | fixed in tiff 4.3.0-6 (bookworm) | 2022
CVE-2022-0907 [MEDIUM] tiff: Unchecked Return Value to NULL Pointer Dereference in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f2b656e2.
Scope: local
bookworm: resolved (fixed in 4.3.0-6); bullseye: resolved (fixed in 4.2.0-1+deb11u1); forky: resolved (fixed in 4.3.0-6)

CVE-2022-22844 | MEDIUM | CVSS 5.5 | fixed in tiff 4.3.0-3 (bookworm) | 2022
CVE-2022-22844 [MEDIUM] tiff: LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field.
Scope: local
bookworm: resolved (fixed in 4.3.0-3); bullseye: resolved (fixed in 4.2.0-1+deb11u1); forky: resolved (fixed in 4.3.0-3); sid: resolved (fixed in 4.3.0-3); trixie: resolved (fixed in 4.3.0-3)

CVE-2022-0924 | MEDIUM | CVSS 5.5 | fixed in tiff 4.3.0-6 (bookworm) | 2022
CVE-2022-0924 [MEDIUM] tiff: Out-of-bounds Read error in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 408976c4.
Scope: local
bookworm: resolved (fixed in 4.3.0-6); bullseye: resolved (fixed in 4.2.0-1+deb11u1); forky: resolved (fixed in 4.3.0-6); sid: resolved (fixed in 4.3.

CVE-2022-1623 | MEDIUM | CVSS 5.5 | fixed in tiff 4.4.0~rc1-1 (bookworm) | 2022
CVE-2022-1623 [MEDIUM] tiff: LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:624, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa.
Scope: local
bookworm: resolved (fixed in 4.4.0~rc1-1); bullseye: resolved (fixed in 4.2.0-1+deb11u3); forky: resolved (fixed

CVE-2022-4645 | MEDIUM | CVSS 6.8 | fixed in tiff 4.4.0-5 (bookworm) | 2022
CVE-2022-4645 [MEDIUM] tiff: LibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125.
Scope: local
bookworm: resolved (fixed in 4.4.0-5); bullseye: resolved (fixed in 4.2.0-1+deb11u3); forky: resolved (fixed in 4.4.0-5); sid:

CVE-2022-3599 | MEDIUM | CVSS 5.5 | fixed in tiff 4.4.0-5 (bookworm) | 2022
CVE-2022-3599 [MEDIUM] tiff: LibTIFF 4.4.0 has an out-of-bounds read in writeSingleSection in tools/tiffcrop.c:7345, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125.
Scope: local
bookworm: resolved (fixed in 4.4.0-5); bullseye: resolved (fixed in 4.2.0-1+deb11u3); forky: resolved (fixed in

CVE-2022-40090 | MEDIUM | CVSS 6.5 | fixed in tiff 4.5.0-2 (bookworm) | 2022
CVE-2022-40090 [MEDIUM] tiff: An issue discovered in the function TIFFReadDirectory in libtiff before 4.4.0 allows attackers to cause a denial of service via a crafted TIFF file.
Scope: local
bookworm: resolved (fixed in 4.5.0-2); bullseye: open; forky: resolved (fixed in 4.5.0-2); sid: resolved (fixed in 4.5.0-2); trixie: resolved (fixed in 4.5.0-2)

CVE-2022-3626 | MEDIUM | CVSS 5.5 | fixed in tiff 4.4.0-5 (bookworm) | 2022
CVE-2022-3626 [MEDIUM] tiff: LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c:340 when called from processCropSelections, tools/tiffcrop.c:7619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191.
Scope: local
bookworm: resolved (fixed in 4.4.0-5); bullseye: reso

CVE-2022-0909 | MEDIUM | CVSS 5.5 | fixed in tiff 4.3.0-6 (bookworm) | 2022
CVE-2022-0909 [MEDIUM] tiff: Divide By Zero error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f8d0f9aa.
Scope: local
bookworm: resolved (fixed in 4.3.0-6); bullseye: resolved (fixed in 4.2.0-1+deb11u1); forky: resolved (fixed in 4.3.0-6); sid: resolved (fixed in 4.3.0-