UBUNTU-CVE-2019-17546
- Source
- https://ubuntu.com/security/CVE-2019-17546
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2019/UBUNTU-CVE-2019-17546.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2019-17546
- Upstream
- Downstream
- Related
- Published
- 2019-10-14T02:15:00Z
- Modified
- 2025-09-08T16:45:38Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Ubuntu - medium
- Summary
- [none]
- Details
-
tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image, related to a "Negative-size-param" condition.
- References
Affected packages
Ubuntu:Pro:14.04:LTS / gdal
Package
- Name
- gdal
- Purl
- pkg:deb/ubuntu/gdal@1.10.1+dfsg-5ubuntu1+esm1?arch=source&distro=trusty/esm
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.10.1+dfsg-5ubuntu1+esm1
Affected versions
1.*
1.9.0-3.1ubuntu4
1.9.0-3.1ubuntu6
1.10.1+dfsg-2
1.10.1+dfsg-2build1
1.10.1+dfsg-3
1.10.1+dfsg-3build1
1.10.1+dfsg-3build2
1.10.1+dfsg-3ubuntu1
1.10.1+dfsg-3ubuntu2
1.10.1+dfsg-5ubuntu1
Ecosystem specific
{
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_version": "1.10.1+dfsg-5ubuntu1+esm1",
"binary_name": "gdal-bin"
},
{
"binary_version": "1.10.1+dfsg-5ubuntu1+esm1",
"binary_name": "libgdal-dev"
},
{
"binary_version": "1.10.1+dfsg-5ubuntu1+esm1",
"binary_name": "libgdal-java"
},
{
"binary_version": "1.10.1+dfsg-5ubuntu1+esm1",
"binary_name": "libgdal-perl"
},
{
"binary_version": "1.10.1+dfsg-5ubuntu1+esm1",
"binary_name": "libgdal1-dev"
},
{
"binary_version": "1.10.1+dfsg-5ubuntu1+esm1",
"binary_name": "libgdal1h"
},
{
"binary_version": "1.10.1+dfsg-5ubuntu1+esm1",
"binary_name": "python-gdal"
},
{
"binary_version": "1.10.1+dfsg-5ubuntu1+esm1",
"binary_name": "python3-gdal"
}
]
}
Ubuntu:Pro:14.04:LTS / tiff
Package
- Name
- tiff
- Purl
- pkg:deb/ubuntu/tiff@4.0.3-7ubuntu0.11+esm6?arch=source&distro=trusty/esm
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.0.3-7ubuntu0.11+esm6
Affected versions
4.*
4.0.2-4ubuntu3
4.0.3-5ubuntu1
4.0.3-6
4.0.3-6ubuntu1
4.0.3-7
4.0.3-7ubuntu0.1
4.0.3-7ubuntu0.2
4.0.3-7ubuntu0.3
4.0.3-7ubuntu0.4
4.0.3-7ubuntu0.6
4.0.3-7ubuntu0.7
4.0.3-7ubuntu0.8
4.0.3-7ubuntu0.9
4.0.3-7ubuntu0.10
4.0.3-7ubuntu0.11
4.0.3-7ubuntu0.11+esm1
4.0.3-7ubuntu0.11+esm2
4.0.3-7ubuntu0.11+esm3
4.0.3-7ubuntu0.11+esm4
4.0.3-7ubuntu0.11+esm5
Ecosystem specific
{
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_version": "4.0.3-7ubuntu0.11+esm6",
"binary_name": "libtiff-opengl"
},
{
"binary_version": "4.0.3-7ubuntu0.11+esm6",
"binary_name": "libtiff-tools"
},
{
"binary_version": "4.0.3-7ubuntu0.11+esm6",
"binary_name": "libtiff4-dev"
},
{
"binary_version": "4.0.3-7ubuntu0.11+esm6",
"binary_name": "libtiff5"
},
{
"binary_version": "4.0.3-7ubuntu0.11+esm6",
"binary_name": "libtiff5-alt-dev"
},
{
"binary_version": "4.0.3-7ubuntu0.11+esm6",
"binary_name": "libtiff5-dev"
},
{
"binary_version": "4.0.3-7ubuntu0.11+esm6",
"binary_name": "libtiffxx5"
}
]
}
Ubuntu:16.04:LTS / tiff
Package
- Name
- tiff
- Purl
- pkg:deb/ubuntu/tiff@4.0.6-1ubuntu0.7?arch=source&distro=xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.0.6-1ubuntu0.7
Affected versions
4.*
4.0.3-12.3ubuntu2
4.0.5-1
4.0.6-1
4.0.6-1ubuntu0.1
4.0.6-1ubuntu0.2
4.0.6-1ubuntu0.3
4.0.6-1ubuntu0.4
4.0.6-1ubuntu0.5
4.0.6-1ubuntu0.6
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_version": "4.0.6-1ubuntu0.7",
"binary_name": "libtiff-opengl"
},
{
"binary_version": "4.0.6-1ubuntu0.7",
"binary_name": "libtiff-tools"
},
{
"binary_version": "4.0.6-1ubuntu0.7",
"binary_name": "libtiff5"
},
{
"binary_version": "4.0.6-1ubuntu0.7",
"binary_name": "libtiff5-dev"
},
{
"binary_version": "4.0.6-1ubuntu0.7",
"binary_name": "libtiffxx5"
}
]
}
Ubuntu:Pro:16.04:LTS / gdal
Package
- Name
- gdal
- Purl
- pkg:deb/ubuntu/gdal@1.11.3+dfsg-3build2?arch=source&distro=esm-apps/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1.*
1.11.2+dfsg-3ubuntu3
1.11.2+dfsg-3ubuntu4
1.11.3+dfsg-2build1
1.11.3+dfsg-2build2
1.11.3+dfsg-2build3
1.11.3+dfsg-3
1.11.3+dfsg-3build1
1.11.3+dfsg-3build2
Ecosystem specific
{
"binaries": [
{
"binary_version": "1.11.3+dfsg-3build2",
"binary_name": "gdal-bin"
},
{
"binary_version": "1.11.3+dfsg-3build2",
"binary_name": "libgdal-dev"
},
{
"binary_version": "1.11.3+dfsg-3build2",
"binary_name": "libgdal-java"
},
{
"binary_version": "1.11.3+dfsg-3build2",
"binary_name": "libgdal-perl"
},
{
"binary_version": "1.11.3+dfsg-3build2",
"binary_name": "libgdal1-dev"
},
{
"binary_version": "1.11.3+dfsg-3build2",
"binary_name": "libgdal1i"
},
{
"binary_version": "1.11.3+dfsg-3build2",
"binary_name": "python-gdal"
},
{
"binary_version": "1.11.3+dfsg-3build2",
"binary_name": "python3-gdal"
}
]
}
Ubuntu:Pro:16.04:LTS / qtimageformats-opensource-src
Package
- Name
- qtimageformats-opensource-src
- Purl
- pkg:deb/ubuntu/qtimageformats-opensource-src@5.5.1-2build1?arch=source&distro=esm-apps/xenial
Ubuntu:18.04:LTS / tiff
Package
- Name
- tiff
- Purl
- pkg:deb/ubuntu/tiff@4.0.9-5ubuntu0.3?arch=source&distro=bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.0.9-5ubuntu0.3
Affected versions
4.*
4.0.8-5
4.0.8-6
4.0.9-1
4.0.9-2
4.0.9-3
4.0.9-4
4.0.9-4ubuntu1
4.0.9-5
4.0.9-5ubuntu0.1
4.0.9-5ubuntu0.2
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_version": "4.0.9-5ubuntu0.3",
"binary_name": "libtiff-dev"
},
{
"binary_version": "4.0.9-5ubuntu0.3",
"binary_name": "libtiff-opengl"
},
{
"binary_version": "4.0.9-5ubuntu0.3",
"binary_name": "libtiff-tools"
},
{
"binary_version": "4.0.9-5ubuntu0.3",
"binary_name": "libtiff5"
},
{
"binary_version": "4.0.9-5ubuntu0.3",
"binary_name": "libtiff5-dev"
},
{
"binary_version": "4.0.9-5ubuntu0.3",
"binary_name": "libtiffxx5"
}
]
}
Ubuntu:Pro:18.04:LTS / neuron
Package
- Name
- neuron
- Purl
- pkg:deb/ubuntu/neuron@7.5-1?arch=source&distro=esm-apps/bionic
Ubuntu:Pro:18.04:LTS / qtimageformats-opensource-src
Package
- Name
- qtimageformats-opensource-src
- Purl
- pkg:deb/ubuntu/qtimageformats-opensource-src@5.9.5-0ubuntu1?arch=source&distro=esm-apps/bionic
Ubuntu:Pro:18.04:LTS / qtwebengine-opensource-src
Package
- Name
- qtwebengine-opensource-src
- Purl
- pkg:deb/ubuntu/qtwebengine-opensource-src@5.9.5+dfsg-0ubuntu2?arch=source&distro=esm-apps/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
5.*
5.9.1+dfsg-4
5.9.1+dfsg-4ubuntu1
5.9.2+dfsg-2ubuntu1
5.9.3+dfsg-0ubuntu1
5.9.4+dfsg-0ubuntu1
5.9.5+dfsg-0ubuntu2
Ecosystem specific
{
"binaries": [
{
"binary_version": "5.9.5+dfsg-0ubuntu2",
"binary_name": "libqt5webengine-data"
},
{
"binary_version": "5.9.5+dfsg-0ubuntu2",
"binary_name": "libqt5webengine5"
},
{
"binary_version": "5.9.5+dfsg-0ubuntu2",
"binary_name": "libqt5webenginecore5"
},
{
"binary_version": "5.9.5+dfsg-0ubuntu2",
"binary_name": "libqt5webenginewidgets5"
},
{
"binary_version": "5.9.5+dfsg-0ubuntu2",
"binary_name": "qml-module-qtwebengine"
},
{
"binary_version": "5.9.5+dfsg-0ubuntu2",
"binary_name": "qtwebengine5-dev"
},
{
"binary_version": "5.9.5+dfsg-0ubuntu2",
"binary_name": "qtwebengine5-dev-tools"
},
{
"binary_version": "5.9.5+dfsg-0ubuntu2",
"binary_name": "qtwebengine5-doc-html"
},
{
"binary_version": "5.9.5+dfsg-0ubuntu2",
"binary_name": "qtwebengine5-examples"
},
{
"binary_version": "5.9.5+dfsg-0ubuntu2",
"binary_name": "qtwebengine5-private-dev"
}
]
}
Ubuntu:Pro:18.04:LTS / texmaker
Package
- Name
- texmaker
- Purl
- pkg:deb/ubuntu/texmaker@5.0.2-1build2?arch=source&distro=esm-apps/bionic
Ubuntu:Pro:20.04:LTS / neuron
Package
- Name
- neuron
- Purl
- pkg:deb/ubuntu/neuron@7.6.3-1build4?arch=source&distro=esm-apps/focal
Ubuntu:Pro:20.04:LTS / qtimageformats-opensource-src
Package
- Name
- qtimageformats-opensource-src
- Purl
- pkg:deb/ubuntu/qtimageformats-opensource-src@5.12.8-0ubuntu1?arch=source&distro=esm-apps/focal
Ubuntu:Pro:20.04:LTS / qtwebengine-opensource-src
Package
- Name
- qtwebengine-opensource-src
- Purl
- pkg:deb/ubuntu/qtwebengine-opensource-src@5.12.8+dfsg-0ubuntu1.1?arch=source&distro=esm-apps/focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
5.*
5.12.4+dfsg-1ubuntu1
5.12.4+dfsg-1ubuntu3
5.12.5+dfsg-3ubuntu1
5.12.5+dfsg-6ubuntu2
5.12.5+dfsg-7
5.12.5+dfsg-7build1
5.12.8+dfsg-0ubuntu1
5.12.8+dfsg-0ubuntu1.1
Ecosystem specific
{
"binaries": [
{
"binary_version": "5.12.8+dfsg-0ubuntu1.1",
"binary_name": "libqt5webengine-data"
},
{
"binary_version": "5.12.8+dfsg-0ubuntu1.1",
"binary_name": "libqt5webengine5"
},
{
"binary_version": "5.12.8+dfsg-0ubuntu1.1",
"binary_name": "libqt5webenginecore5"
},
{
"binary_version": "5.12.8+dfsg-0ubuntu1.1",
"binary_name": "libqt5webenginewidgets5"
},
{
"binary_version": "5.12.8+dfsg-0ubuntu1.1",
"binary_name": "qml-module-qtwebengine"
},
{
"binary_version": "5.12.8+dfsg-0ubuntu1.1",
"binary_name": "qtwebengine5-dev"
},
{
"binary_version": "5.12.8+dfsg-0ubuntu1.1",
"binary_name": "qtwebengine5-dev-tools"
},
{
"binary_version": "5.12.8+dfsg-0ubuntu1.1",
"binary_name": "qtwebengine5-doc-html"
},
{
"binary_version": "5.12.8+dfsg-0ubuntu1.1",
"binary_name": "qtwebengine5-examples"
},
{
"binary_version": "5.12.8+dfsg-0ubuntu1.1",
"binary_name": "qtwebengine5-private-dev"
}
]
}
Ubuntu:Pro:20.04:LTS / texmaker
Package
- Name
- texmaker
- Purl
- pkg:deb/ubuntu/texmaker@5.0.3-1build5?arch=source&distro=esm-apps/focal
Ubuntu:22.04:LTS / neuron
Package
- Name
- neuron
- Purl
- pkg:deb/ubuntu/neuron@7.6.3-1build6?arch=source&distro=jammy
Ubuntu:22.04:LTS / qtimageformats-opensource-src
Package
- Name
- qtimageformats-opensource-src
- Purl
- pkg:deb/ubuntu/qtimageformats-opensource-src@5.15.3-1?arch=source&distro=jammy
Ubuntu:22.04:LTS / qtwebengine-opensource-src
Package
- Name
- qtwebengine-opensource-src
- Purl
- pkg:deb/ubuntu/qtwebengine-opensource-src@5.15.9+dfsg-1?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
5.*
5.15.6+dfsg-1
5.15.6+dfsg-2
5.15.7+dfsg-2
5.15.8+dfsg-1
5.15.8+dfsg-1build1
5.15.8+dfsg-1build2
5.15.8+dfsg-2
5.15.9+dfsg-1
Ecosystem specific
{
"binaries": [
{
"binary_version": "5.15.9+dfsg-1",
"binary_name": "libqt5pdf5"
},
{
"binary_version": "5.15.9+dfsg-1",
"binary_name": "libqt5pdfwidgets5"
},
{
"binary_version": "5.15.9+dfsg-1",
"binary_name": "libqt5webengine-data"
},
{
"binary_version": "5.15.9+dfsg-1",
"binary_name": "libqt5webengine5"
},
{
"binary_version": "5.15.9+dfsg-1",
"binary_name": "libqt5webenginecore5"
},
{
"binary_version": "5.15.9+dfsg-1",
"binary_name": "libqt5webenginewidgets5"
},
{
"binary_version": "5.15.9+dfsg-1",
"binary_name": "qml-module-qtquick-pdf"
},
{
"binary_version": "5.15.9+dfsg-1",
"binary_name": "qml-module-qtwebengine"
},
{
"binary_version": "5.15.9+dfsg-1",
"binary_name": "qt5-image-formats-plugin-pdf"
},
{
"binary_version": "5.15.9+dfsg-1",
"binary_name": "qtpdf5-dev"
},
{
"binary_version": "5.15.9+dfsg-1",
"binary_name": "qtpdf5-doc-html"
},
{
"binary_version": "5.15.9+dfsg-1",
"binary_name": "qtpdf5-examples"
},
{
"binary_version": "5.15.9+dfsg-1",
"binary_name": "qtwebengine5-dev"
},
{
"binary_version": "5.15.9+dfsg-1",
"binary_name": "qtwebengine5-dev-tools"
},
{
"binary_version": "5.15.9+dfsg-1",
"binary_name": "qtwebengine5-doc-html"
},
{
"binary_version": "5.15.9+dfsg-1",
"binary_name": "qtwebengine5-examples"
},
{
"binary_version": "5.15.9+dfsg-1",
"binary_name": "qtwebengine5-private-dev"
}
]
}
Ubuntu:22.04:LTS / texmaker
Package
- Name
- texmaker
- Purl
- pkg:deb/ubuntu/texmaker@5.0.3-1build9?arch=source&distro=jammy
Ubuntu:24.04:LTS / qtimageformats-opensource-src
Package
- Name
- qtimageformats-opensource-src
- Purl
- pkg:deb/ubuntu/qtimageformats-opensource-src@5.15.13-1?arch=source&distro=noble
Ubuntu:24.04:LTS / qtwebengine-opensource-src
Package
- Name
- qtwebengine-opensource-src
- Purl
- pkg:deb/ubuntu/qtwebengine-opensource-src@5.15.16+dfsg-3?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
5.*
5.15.15+dfsg-2
5.15.15+dfsg-2build2
5.15.15+dfsg-2ubuntu1
5.15.16+dfsg-1
5.15.16+dfsg-1ubuntu2
5.15.16+dfsg-1ubuntu4
5.15.16+dfsg-3
Ecosystem specific
{
"binaries": [
{
"binary_version": "5.15.16+dfsg-3",
"binary_name": "libqt5pdf5"
},
{
"binary_version": "5.15.16+dfsg-3",
"binary_name": "libqt5pdfwidgets5"
},
{
"binary_version": "5.15.16+dfsg-3",
"binary_name": "libqt5webengine-data"
},
{
"binary_version": "5.15.16+dfsg-3",
"binary_name": "libqt5webengine5"
},
{
"binary_version": "5.15.16+dfsg-3",
"binary_name": "libqt5webenginecore5"
},
{
"binary_version": "5.15.16+dfsg-3",
"binary_name": "libqt5webenginewidgets5"
},
{
"binary_version": "5.15.16+dfsg-3",
"binary_name": "qml-module-qtquick-pdf"
},
{
"binary_version": "5.15.16+dfsg-3",
"binary_name": "qml-module-qtwebengine"
},
{
"binary_version": "5.15.16+dfsg-3",
"binary_name": "qt5-image-formats-plugin-pdf"
},
{
"binary_version": "5.15.16+dfsg-3",
"binary_name": "qtpdf5-dev"
},
{
"binary_version": "5.15.16+dfsg-3",
"binary_name": "qtpdf5-doc-html"
},
{
"binary_version": "5.15.16+dfsg-3",
"binary_name": "qtpdf5-examples"
},
{
"binary_version": "5.15.16+dfsg-3",
"binary_name": "qtwebengine5-dev"
},
{
"binary_version": "5.15.16+dfsg-3",
"binary_name": "qtwebengine5-dev-tools"
},
{
"binary_version": "5.15.16+dfsg-3",
"binary_name": "qtwebengine5-doc-html"
},
{
"binary_version": "5.15.16+dfsg-3",
"binary_name": "qtwebengine5-examples"
},
{
"binary_version": "5.15.16+dfsg-3",
"binary_name": "qtwebengine5-private-dev"
}
]
}
Ubuntu:24.04:LTS / texmaker
Package
- Name
- texmaker
- Purl
- pkg:deb/ubuntu/texmaker@5.1.3+dfsg-1build8?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:25.04 / paraview
Package
- Name
- paraview
- Purl
- pkg:deb/ubuntu/paraview@5.13.2+dfsg-2ubuntu1?arch=source&distro=plucky
Ubuntu:25.04 / qtimageformats-opensource-src
Package
- Name
- qtimageformats-opensource-src
- Purl
- pkg:deb/ubuntu/qtimageformats-opensource-src@5.15.15-3?arch=source&distro=plucky
Ubuntu:25.04 / qtwebengine-opensource-src
Package
- Name
- qtwebengine-opensource-src
- Purl
- pkg:deb/ubuntu/qtwebengine-opensource-src@5.15.18+dfsg-2?arch=source&distro=plucky
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
5.*
5.15.17+dfsg-4
5.15.17+dfsg-5
5.15.17+dfsg2-1
5.15.17+dfsg2-2
5.15.17+dfsg2-3
5.15.18+dfsg-1
5.15.18+dfsg-2
Ecosystem specific
{
"binaries": [
{
"binary_version": "5.15.18+dfsg-2",
"binary_name": "libqt5pdf5"
},
{
"binary_version": "5.15.18+dfsg-2",
"binary_name": "libqt5pdfwidgets5"
},
{
"binary_version": "5.15.18+dfsg-2",
"binary_name": "libqt5webengine-data"
},
{
"binary_version": "5.15.18+dfsg-2",
"binary_name": "libqt5webengine5"
},
{
"binary_version": "5.15.18+dfsg-2",
"binary_name": "libqt5webenginecore5"
},
{
"binary_version": "5.15.18+dfsg-2",
"binary_name": "libqt5webenginewidgets5"
},
{
"binary_version": "5.15.18+dfsg-2",
"binary_name": "qml-module-qtquick-pdf"
},
{
"binary_version": "5.15.18+dfsg-2",
"binary_name": "qml-module-qtwebengine"
},
{
"binary_version": "5.15.18+dfsg-2",
"binary_name": "qt5-image-formats-plugin-pdf"
},
{
"binary_version": "5.15.18+dfsg-2",
"binary_name": "qtpdf5-dev"
},
{
"binary_version": "5.15.18+dfsg-2",
"binary_name": "qtpdf5-doc-html"
},
{
"binary_version": "5.15.18+dfsg-2",
"binary_name": "qtpdf5-examples"
},
{
"binary_version": "5.15.18+dfsg-2",
"binary_name": "qtwebengine5-dev"
},
{
"binary_version": "5.15.18+dfsg-2",
"binary_name": "qtwebengine5-dev-tools"
},
{
"binary_version": "5.15.18+dfsg-2",
"binary_name": "qtwebengine5-doc-html"
},
{
"binary_version": "5.15.18+dfsg-2",
"binary_name": "qtwebengine5-examples"
},
{
"binary_version": "5.15.18+dfsg-2",
"binary_name": "qtwebengine5-private-dev"
}
]
}