It was discovered that LibTIFF was not properly handling variables used to perform memory management operations when processing an image through tiffcrop, which could lead to a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2023-25433, CVE-2023-26965)
It was discovered that LibTIFF was not properly processing numerical values when dealing with little-endian input data, which could lead to the execution of an invalid operation. An attacker could possibly use this issue to cause a denial of service (CVE-2023-26966)
It was discovered that LibTIFF was not properly performing bounds checks when closing a previously opened TIFF file, which could lead to a NULL pointer dereference. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-3316)
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "binaries": [ { "libtiff-doc": "4.0.3-7ubuntu0.11+esm8", "libtiff5-dbgsym": "4.0.3-7ubuntu0.11+esm8", "libtiff-opengl": "4.0.3-7ubuntu0.11+esm8", "libtiffxx5-dbgsym": "4.0.3-7ubuntu0.11+esm8", "libtiff4-dev": "4.0.3-7ubuntu0.11+esm8", "libtiff-opengl-dbgsym": "4.0.3-7ubuntu0.11+esm8", "libtiff-tools-dbgsym": "4.0.3-7ubuntu0.11+esm8", "libtiff5": "4.0.3-7ubuntu0.11+esm8", "libtiff5-alt-dev": "4.0.3-7ubuntu0.11+esm8", "libtiff-tools": "4.0.3-7ubuntu0.11+esm8", "libtiffxx5": "4.0.3-7ubuntu0.11+esm8", "libtiff5-dev": "4.0.3-7ubuntu0.11+esm8" } ] }
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "binaries": [ { "libtiff-doc": "4.0.6-1ubuntu0.8+esm11", "libtiff5-dbgsym": "4.0.6-1ubuntu0.8+esm11", "libtiff-opengl": "4.0.6-1ubuntu0.8+esm11", "libtiffxx5-dbgsym": "4.0.6-1ubuntu0.8+esm11", "libtiff-opengl-dbgsym": "4.0.6-1ubuntu0.8+esm11", "libtiff-tools-dbgsym": "4.0.6-1ubuntu0.8+esm11", "libtiff5": "4.0.6-1ubuntu0.8+esm11", "libtiff-tools": "4.0.6-1ubuntu0.8+esm11", "libtiffxx5": "4.0.6-1ubuntu0.8+esm11", "libtiff5-dev": "4.0.6-1ubuntu0.8+esm11" } ] }
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "binaries": [ { "libtiff-doc": "4.0.9-5ubuntu0.10+esm1", "libtiff5-dbgsym": "4.0.9-5ubuntu0.10+esm1", "libtiff-opengl": "4.0.9-5ubuntu0.10+esm1", "libtiffxx5-dbgsym": "4.0.9-5ubuntu0.10+esm1", "libtiff-opengl-dbgsym": "4.0.9-5ubuntu0.10+esm1", "libtiff-tools-dbgsym": "4.0.9-5ubuntu0.10+esm1", "libtiff5": "4.0.9-5ubuntu0.10+esm1", "libtiff-dev": "4.0.9-5ubuntu0.10+esm1", "libtiff-tools": "4.0.9-5ubuntu0.10+esm1", "libtiffxx5": "4.0.9-5ubuntu0.10+esm1", "libtiff5-dev": "4.0.9-5ubuntu0.10+esm1" } ] }