OESA-2022-2020

Source
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2022-2020
Import Source
https://repo.openeuler.org/security/data/osv/OESA-2022-2020.json
JSON Data
https://api.test.osv.dev/v1/vulns/OESA-2022-2020
Upstream
Published
2022-10-28T11:04:28Z
Modified
2025-08-12T05:14:24.706097Z
Summary
libtiff security update
Details

libtiff provides support for the Tag Image File Format (TIFF), a widely used format for storing image data. The latest version of the TIFF specification is available online in several different formats. The package also contains command-line programs for manipulating TIFF image files using the libtiff library.

Security Fix(es):

Multiple heap buffer overflows in the tiffcrop.c utility in libtiff version 4.4.0 allow an attacker to trigger unsafe or out-of-bounds memory access via a crafted TIFF image file, which could result in an application crash, potential information disclosure or any other context-dependent impact. (CVE-2022-3570)

LibTIFF 4.4.0 has an out-of-bounds write in TIFFmemcpy in libtiff/tifunix.c:346 when called from extractImageSection, tools/tiffcrop.c:6826, allowing attackers to cause a denial of service via a crafted TIFF file. For users that compile libtiff from sources, the fix is available with commit 236b7191. (CVE-2022-3597)

LibTIFF 4.4.0 has an out-of-bounds read in writeSingleSection in tools/tiffcrop.c:7345, allowing attackers to cause a denial of service via a crafted TIFF file. For users that compile libtiff from sources, the fix is available with commit e8131125. (CVE-2022-3599)

LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial of service via a crafted TIFF file. For users that compile libtiff from sources, the fix is available with commit cfbb883b. (CVE-2022-3598)

LibTIFF 4.4.0 has an out-of-bounds write in TIFFmemset in libtiff/tifunix.c:340 when called from processCropSelections, tools/tiffcrop.c:7619, allowing attackers to cause a denial of service via a crafted TIFF file. For users that compile libtiff from sources, the fix is available with commit 236b7191. (CVE-2022-3626)

LibTIFF 4.4.0 has an out-of-bounds write in TIFFmemcpy in libtiff/tifunix.c:346 when called from extractImageSection, tools/tiffcrop.c:6860, allowing attackers to cause a denial of service via a crafted TIFF file. For users that compile libtiff from sources, the fix is available with commit 236b7191. (CVE-2022-3627)

Database specific
{
    "severity": "Critical"
}
References

Affected packages

openEuler:20.03-LTS-SP1 / libtiff

Package

Name
libtiff
Purl
pkg:rpm/openEuler/libtiff&distro=openEuler-20.03-LTS-SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (unknown introduced version / all previous versions are affected)
Fixed
4.3.0-6.oe1

Ecosystem specific

{
    "src": [
        "libtiff-4.3.0-6.oe1.src.rpm"
    ],
    "x86_64": [
        "libtiff-debuginfo-4.3.0-6.oe1.x86_64.rpm",
        "libtiff-4.3.0-6.oe1.x86_64.rpm",
        "libtiff-debugsource-4.3.0-6.oe1.x86_64.rpm",
        "libtiff-devel-4.3.0-6.oe1.x86_64.rpm"
    ],
    "aarch64": [
        "libtiff-debuginfo-4.3.0-6.oe1.aarch64.rpm",
        "libtiff-debugsource-4.3.0-6.oe1.aarch64.rpm",
        "libtiff-4.3.0-6.oe1.aarch64.rpm",
        "libtiff-devel-4.3.0-6.oe1.aarch64.rpm"
    ],
    "noarch": [
        "libtiff-help-4.3.0-6.oe1.noarch.rpm"
    ]
}

openEuler:20.03-LTS-SP3 / libtiff

Package

Name
libtiff
Purl
pkg:rpm/openEuler/libtiff&distro=openEuler-20.03-LTS-SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (unknown introduced version / all previous versions are affected)
Fixed
4.3.0-6.oe1

Ecosystem specific

{
    "src": [
        "libtiff-4.3.0-6.oe1.src.rpm"
    ],
    "x86_64": [
        "libtiff-debuginfo-4.3.0-6.oe1.x86_64.rpm",
        "libtiff-devel-4.3.0-6.oe1.x86_64.rpm",
        "libtiff-debugsource-4.3.0-6.oe1.x86_64.rpm",
        "libtiff-4.3.0-6.oe1.x86_64.rpm"
    ],
    "aarch64": [
        "libtiff-debuginfo-4.3.0-6.oe1.aarch64.rpm",
        "libtiff-4.3.0-6.oe1.aarch64.rpm",
        "libtiff-debugsource-4.3.0-6.oe1.aarch64.rpm",
        "libtiff-devel-4.3.0-6.oe1.aarch64.rpm"
    ],
    "noarch": [
        "libtiff-help-4.3.0-6.oe1.noarch.rpm"
    ]
}

openEuler:22.03-LTS / libtiff

Package

Name
libtiff
Purl
pkg:rpm/openEuler/libtiff&distro=openEuler-22.03-LTS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (unknown introduced version / all previous versions are affected)
Fixed
4.3.0-20.oe2203

Ecosystem specific

{
    "src": [
        "libtiff-4.3.0-20.oe2203.src.rpm"
    ],
    "x86_64": [
        "libtiff-static-4.3.0-20.oe2203.x86_64.rpm",
        "libtiff-tools-4.3.0-20.oe2203.x86_64.rpm",
        "libtiff-4.3.0-20.oe2203.x86_64.rpm",
        "libtiff-devel-4.3.0-20.oe2203.x86_64.rpm",
        "libtiff-debuginfo-4.3.0-20.oe2203.x86_64.rpm",
        "libtiff-debugsource-4.3.0-20.oe2203.x86_64.rpm"
    ],
    "aarch64": [
        "libtiff-debugsource-4.3.0-20.oe2203.aarch64.rpm",
        "libtiff-static-4.3.0-20.oe2203.aarch64.rpm",
        "libtiff-tools-4.3.0-20.oe2203.aarch64.rpm",
        "libtiff-4.3.0-20.oe2203.aarch64.rpm",
        "libtiff-devel-4.3.0-20.oe2203.aarch64.rpm",
        "libtiff-debuginfo-4.3.0-20.oe2203.aarch64.rpm"
    ],
    "noarch": [
        "libtiff-help-4.3.0-20.oe2203.noarch.rpm"
    ]
}