Chintan Shah discovered that LibTIFF incorrectly handled memory in certain conditions. An attacker could trick a user into processing a specially crafted image file and potentially use this issue to allow for information disclosure or to cause the application to crash. (CVE-2022-3570)
It was discovered that LibTIFF incorrectly handled memory in certain conditions. An attacker could trick a user into processing a specially crafted tiff file and potentially use this issue to cause a denial of service. (CVE-2022-3598)
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "binaries": [ { "libtiff-doc": "4.0.6-1ubuntu0.8+esm6", "libtiff5-dbgsym": "4.0.6-1ubuntu0.8+esm6", "libtiff-opengl": "4.0.6-1ubuntu0.8+esm6", "libtiffxx5-dbgsym": "4.0.6-1ubuntu0.8+esm6", "libtiff-opengl-dbgsym": "4.0.6-1ubuntu0.8+esm6", "libtiff-tools-dbgsym": "4.0.6-1ubuntu0.8+esm6", "libtiff5": "4.0.6-1ubuntu0.8+esm6", "libtiff-tools": "4.0.6-1ubuntu0.8+esm6", "libtiffxx5": "4.0.6-1ubuntu0.8+esm6", "libtiff5-dev": "4.0.6-1ubuntu0.8+esm6" } ] }