Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2024-2533)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-6716

CVE-2024-6716 is confirmed in multiple security advisories linked to libtiff. IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable LibTIFF version (ICP Discovery 4.0.0–4.8.7 and 5.0.0–5.0.3). The root cause is an out-of-memory flaw in TIFFReadEncodedStrip() that can be triggered ...

gdal:gtiff_fuzzer: Heap-buffer-overflow in Fax3Decode2D

Project: https://github.com/OSGeo/gdal.git Detailed Report: https://oss-fuzz.com/testcase?key=5139548596862976 Project: gdal Fuzzing Engine: honggfuzz Fuzz Target: gtifffuzzer Job Type: honggfuzzasangdal Platform Id: linux Crash Type: Heap-buffer-overflow WRITE 4 Crash Address: 0x615000000c80 Cra...

gdal:gtiff_fuzzer: Heap-buffer-overflow in Fax3Decode2D

Project: https://github.com/OSGeo/gdal.git Detailed Report: https://oss-fuzz.com/testcase?key=5428642430320640 Project: gdal Fuzzing Engine: honggfuzz Fuzz Target: gtifffuzzer Job Type: honggfuzzasangdal Platform Id: linux Crash Type: Heap-buffer-overflow WRITE 4 Crash Address: 0x615000000c80 Cra...

OSV-2020-87 Heap-buffer-overflow in Fax3Decode2D

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=21044 Crash type: Heap-buffer-overflow WRITE 4 Crash state: Fax3Decode2D TIFFReadEncodedStrip GTiffDataset::ReadStrile...

gdal:gdal_fuzzer: Heap-buffer-overflow in Fax3Decode2D

Project: https://github.com/OSGeo/gdal.git Detailed Report: https://oss-fuzz.com/testcase?key=5650429515137024 Project: gdal Fuzzing Engine: libFuzzer Fuzz Target: gdalfuzzer Job Type: libfuzzerasangdal Platform Id: linux Crash Type: Heap-buffer-overflow WRITE 4 Crash Address: 0x615000003c00 Cras...

gdal/gtiff_mmap: Crash in DumpModeDecode

Project: https://github.com/OSGeo/gdal.git Detailed report: https://oss-fuzz.com/testcase?key=5685287126040576 Project: gdal Fuzzer: libFuzzergdalgtiffmmap Fuzz target binary: gtiffmmap Job Type: libfuzzerubsangdal Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x000109320bef Crash...

gdal/gtiff_fuzzer: Heap-buffer-overflow in TWebPDecode

Project: https://github.com/OSGeo/gdal.git Detailed report: https://oss-fuzz.com/testcase?key=5728607687671808 Project: gdal Fuzzer: libFuzzergdalgtifffuzzer Fuzz target binary: gtifffuzzer Job Type: libfuzzerasangdal Platform Id: linux Crash Type: Heap-buffer-overflow READ Crash Address:...

Denial Of Service (DoS) Through Divide By Zero

libtiff.so is vulnerable to denial of service DoS attacks. A malicious user can pass a tiff file to the TIFFReadEncodedStrip function in tifread.c to cause a divied by zero that can crash the application...

openSUSE Security Update : tiff (openSUSE-2017-1118)

This update for tiff to version 4.0.8 fixes a several bugs and security issues : These security issues were fixed : - CVE-2017-7595: The JPEGSetupEncode function allowed remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted image bsc1033127. -...

SUSE SLED12 / SLES12 Security Update : tiff (SUSE-SU-2017:2569-1)

This update for tiff to version 4.0.8 fixes a several bugs and security issues: These security issues were fixed : - CVE-2017-7595: The JPEGSetupEncode function allowed remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted image bsc1033127. -...