Red Hat Security Advisory: libtiff security update
🔗 CVE IDs covered (10)
📋 Description
CVE-2022-2056 — libtiff: division by zero issues in tiffcrop CVE-2022-2057 — libtiff: division by zero issues in tiffcrop CVE-2022-2058 — libtiff: division by zero issues in tiffcrop CVE-2022-2519 — libtiff: Double free or corruption in rotateImage() function at tiffcrop.c CVE-2022-2520 — libtiff: Assertion fail in rotateImage() function at tiffcrop.c CVE-2022-2521 — libtiff: Invalid pointer free operation in TIFFClose() at tif_close.c CVE-2022-2867 — libtiff: uint32_t underflow leads to out of bounds read and write in tiffcrop.c CVE-2022-2868 — libtiff: Invalid crop_width and/or crop_length could cause an out-of-bounds read in reverseSamples16bits() CVE-2022-2869 — libtiff: tiffcrop.c has uint32_t underflow which leads to out of bounds read and write in extractContigSamples8bits() CVE-2022-2953 — libtiff: tiffcrop: heap-buffer-overflow in extractImageSection in tiffcrop.c
🔗 References (11)
- selfhttps://access.redhat.com/errata/RHSA-2023:0095
- externalhttps://access.redhat.com/security/updates/classification/#moderate
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2103222
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2118847
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2118863
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2118869
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2122789
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2122792
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2122799
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2134432
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0095.json