Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in LibTIFF

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of LibTIFF Vulnerability Details CVEID:CVE-2024-6716 DESCRIPTION: libtiff is vulnerable to a denial of service, caused by an out-of-memory flaw in the TIFFReadEncodedStrip function. By persuading a victim to ope...

Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2024-2772)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.12.0 : libtiff (EulerOS-SA-2024-2772)

According to the versions of the libtiff package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in the libtiff library. An out-of-memory issue in the TIFFReadEncodedStrip function can be triggered when processi...

EulerOS Virtualization 2.12.1 : libtiff (EulerOS-SA-2024-2754)

According to the versions of the libtiff package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in the libtiff library. An out-of-memory issue in the TIFFReadEncodedStrip function can be triggered when processi...

Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2024-2533)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2024-2509)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE CVE-2024-6716

Invalid security issue...

CVE-2024-6716

Rejected reason: Invalid security issue...

CVE-2024-6716

CVE-2024-6716 is confirmed in multiple security advisories linked to libtiff. IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable LibTIFF version (ICP Discovery 4.0.0–4.8.7 and 5.0.0–5.0.3). The root cause is an out-of-memory flaw in TIFFReadEncodedStrip() that can be triggered ...

CVE-2024-6716

A flaw was found in the libtiff library. An out-of-memory issue in the TIFFReadEncodedStrip function can be triggered when processing a crafted TIFF file, allowing attackers to perform memory allocation of arbitrary sizes, resulting in a denial of service. Mitigation Do not parse TIFF files from...