CLSA-2026-1776350524 libtiff: Fix of 2 CVEs

CVE-2022-3970: fix integer overflow in TIFFReadRGBATileExt on strips/tiles 2 GB - CVE-2022-0891: fix heap buffer overflow in extractImageSection in tiffcrop...

JLSEC-2025-279 LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing at...

LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 48d6ece8...

JLSEC-2025-263 A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3....

A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other...

Unity Linux 20.1070e Security Update: libtiff (UTSA-2025-680637)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-680637 advisory. A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory acces...

Linux Distros Unpatched Vulnerability : CVE-2022-0891

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory...

Heap-buffer-overflow in extractimagesection()

...

Updated libtiff packages fix security vulnerability

A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. This flaw allows attackers to cause a denial of service via a crafted tiff file. CVE-2023-3164...

AZL-31765 CVE-2023-3164 affecting package libtiff for versions less than 4.6.0-5

A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. This flaw allows attackers to cause a denial of service via a crafted tiff file...

Heap overflow

A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. This flaw allows attackers to cause a denial of service via a crafted tiff file...

CVE-2023-3164

A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. This flaw allows attackers to cause a denial of service via a crafted tiff file...

CVE-2023-3164 Heap-buffer-overflow in extractimagesection()

A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. This flaw allows attackers to cause a denial of service via a crafted tiff file...

LibTIFF Buffer Error Vulnerability

LibTIFF is a library for reading and writing TIFF Tagged Image File Format files. The library contains some command line tools for working with TIFF files. LibTIFF suffers from a buffer error vulnerability that stems from a heap-based buffer overflow vulnerability found in extractImageSection in...

PT-2023-9225 · Libtiff +6 · Libtiff +6

Name of the Vulnerable Software and Affected Versions: LibTIFF versions prior to the fixed version Description: A heap-buffer-overflow vulnerability was found in LibTIFF, specifically in the extractImageSection function at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. This flaw allows attacker...

SUSE CVE-2023-3164

A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. This flaw allows attackers to cause a denial of service via a crafted tiff file...

Out-of-bounds Read

libtiff.so is vulnerable to Out-of-bounds Read. The vulnerability exists due to a heap based buffer overflow in extractImageSection function in tiffcrop.c which allows an attacker to submit a malicious code file into the system and perform out of read...

A flaw was found in tiffcrop a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the extractImageSection function in tools/tiffcrop.c resulting in a denial of service and limited information disclosure. This issue affects libtiff versions 4.x.

...

CVE-2023-1916

A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the extractImageSection function in tools/tiffcrop.c, resulting in a denial of service and limited information disclosure. This issue affects libtiff...

AZL-26152 CVE-2023-1916 affecting package libtiff for versions less than 4.5.1-1

A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the extractImageSection function in tools/tiffcrop.c, resulting in a denial of service and limited information disclosure. This issue affects libtiff...

PT-2023-4906 · Libtiff +6 · Libtiff +6

Name of the Vulnerable Software and Affected Versions: libtiff versions 4.x Description: The issue is related to a flaw in the extractImageSection function of the libtiff library, which can cause an out-of-bounds read in memory. This can lead to a denial of service and limited information...

CVE-2023-1916

A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the extractImageSection function in tools/tiffcrop.c, resulting in a denial of service and limited information disclosure...