A heap buffer overflow flaw was found in Libtiffs' tiffinfo.c in TIFFReadRawDataStriped() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffinfo tool, triggering a heap buffer overflow issue and causing a crash that leads to a denial of service.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "libtiff-doc": "4.1.0+git191117-2ubuntu0.20.04.5", "libtiff5-dbgsym": "4.1.0+git191117-2ubuntu0.20.04.5", "libtiff-opengl": "4.1.0+git191117-2ubuntu0.20.04.5", "libtiffxx5-dbgsym": "4.1.0+git191117-2ubuntu0.20.04.5", "libtiff-opengl-dbgsym": "4.1.0+git191117-2ubuntu0.20.04.5", "libtiff-tools-dbgsym": "4.1.0+git191117-2ubuntu0.20.04.5", "libtiff5": "4.1.0+git191117-2ubuntu0.20.04.5", "libtiff-dev": "4.1.0+git191117-2ubuntu0.20.04.5", "libtiff-tools": "4.1.0+git191117-2ubuntu0.20.04.5", "libtiffxx5": "4.1.0+git191117-2ubuntu0.20.04.5", "libtiff5-dev": "4.1.0+git191117-2ubuntu0.20.04.5" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "libtiff-doc": "4.3.0-6ubuntu0.1", "libtiff5-dbgsym": "4.3.0-6ubuntu0.1", "libtiff-opengl": "4.3.0-6ubuntu0.1", "libtiffxx5-dbgsym": "4.3.0-6ubuntu0.1", "libtiff-opengl-dbgsym": "4.3.0-6ubuntu0.1", "libtiff-tools-dbgsym": "4.3.0-6ubuntu0.1", "libtiff5": "4.3.0-6ubuntu0.1", "libtiff-dev": "4.3.0-6ubuntu0.1", "libtiff-tools": "4.3.0-6ubuntu0.1", "libtiffxx5": "4.3.0-6ubuntu0.1", "libtiff5-dev": "4.3.0-6ubuntu0.1" } ] }