SB2019110207 - Improper Adherence to Coding Standards in tiff (Alpine package)
Published: November 2, 2019
Security Bulletin ID
SB2019110207
Severity
Medium
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Remote access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Improper Adherence to Coding Standards (CVE-ID: CVE-2019-10927)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to the software does not follow certain coding rules for development. A remote authenticated attacker with network access to Port 22/TCP of an affected device can cause a denial-of-service condition.
Remediation
Install update from vendor's website.
References
- https://git.alpinelinux.org/aports/commit/?id=ca4e26abdf0af7b8d12c52909a22ba4855bfc304
- https://git.alpinelinux.org/aports/commit/?id=0cb0e034871173f92fea3c60c471d5c4570db3c7
- https://git.alpinelinux.org/aports/commit/?id=2ab20b2c571f30cd5618eff282cb4c2d3ab364b6
- https://git.alpinelinux.org/aports/commit/?id=34a8d91d0150241d45581e22442bd62d4d0134b5
- https://git.alpinelinux.org/aports/commit/?id=51217eaa516ccee4fbefda489f991be72adc6c51
- https://git.alpinelinux.org/aports/commit/?id=c333ac8f99726f282897b8998a2f1fc951bcdc83