CVE-2022-1210

2022-04-0300:00:00

ubuntu.com

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

0.003 Low

EPSS

Percentile

71.4%

JSON

A vulnerability classified as problematic was found in LibTIFF 4.3.0.
Affected by this vulnerability is the TIFF File Handler of tiff2ps. Opening
a malicious file leads to a denial of service. The attack can be launched
remotely but requires user interaction. The exploit has been disclosed to
the public and may be used.

Bugs

<https://gitlab.com/libtiff/libtiff/-/issues/402>

Notes

Author	Note
ccdm94	No patch available for this issue as of 2022-08-26. In the issue page for this vulnerability (issue 402), there is a discussion about this actually being a libjbig bug instead of a tiff bug. this issue was marked as a duplicate of CVE-2017-9937 by upstream on 2023-02-22. CVE-2017-9937 was mistakenly assigned to LibTIFF when it actually affected jbigkit. Therefore, none of the below releases are affected by this in the LibTIFF package.

Author

Note

ccdm94

No patch available for this issue as of 2022-08-26. In the issue page for this vulnerability (issue 402), there is a discussion about this actually being a libjbig bug instead of a tiff bug. this issue was marked as a duplicate of CVE-2017-9937 by upstream on 2023-02-22. CVE-2017-9937 was mistakenly assigned to LibTIFF when it actually affected jbigkit. Therefore, none of the below releases are affected by this in the LibTIFF package.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchjbigkit< 2.1-3.1ubuntu0.18.04.1UNKNOWN
ubuntu20.04noarchjbigkit< 2.1-3.1ubuntu0.20.04.1UNKNOWN
ubuntu22.04noarchjbigkit< 2.1-3.1ubuntu0.22.04.1UNKNOWN
ubuntu22.10noarchjbigkit< 2.1-3.1ubuntu0.22.10.1UNKNOWN
ubuntu23.04noarchjbigkit< 2.1-6ubuntu1UNKNOWN
ubuntu14.04noarchjbigkit< 2.0-2ubuntu4.1+esm1UNKNOWN
ubuntu16.04noarchjbigkit< 2.1-3.1ubuntu0.1~esm1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	jbigkit	< 2.1-3.1ubuntu0.18.04.1	UNKNOWN
ubuntu	20.04	noarch	jbigkit	< 2.1-3.1ubuntu0.20.04.1	UNKNOWN
ubuntu	22.04	noarch	jbigkit	< 2.1-3.1ubuntu0.22.04.1	UNKNOWN
ubuntu	22.10	noarch	jbigkit	< 2.1-3.1ubuntu0.22.10.1	UNKNOWN
ubuntu	23.04	noarch	jbigkit	< 2.1-6ubuntu1	UNKNOWN
ubuntu	14.04	noarch	jbigkit	< 2.0-2ubuntu4.1+esm1	UNKNOWN
ubuntu	16.04	noarch	jbigkit	< 2.1-3.1ubuntu0.1~esm1	UNKNOWN