SB2020031510 - Gentoo update for libTIFF

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2020031510

SB2020031510 - Gentoo update for libTIFF

Published: March 15, 2020 Updated: May 21, 2022

Security Bulletin ID SB2020031510
Severity
High
Patch available
YES
Number of vulnerabilities 5
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 20% Low 80%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 5 secuirty vulnerabilities.


1) Heap-based buffer overflow (CVE-ID: CVE-2017-17095)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in tools/pal2rgb.c in pal2rgb due to heap-based buffer overflow. A remote attacker can trigger memory corruption and cause the service to crash.

2) NULL pointer dereference (CVE-ID: CVE-2018-19210)

The vulnerability allows a remote attacker to cause DoS condition.

The vulnerability exists due to insufficient validation of user-supplied input processed by the TIFFWriteDirectorySec function, as defined in the tif_dirwrite.c source code file. A remote attacker can trick the victim into opening or executing a file that submits malicious input, trigger a NULL pointer dereference and cause the service to crash.


3) Integer overflow (CVE-ID: CVE-2019-17546)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow when processing RGBA images. A remote attacker can create a specially crafted RGBA image, pass it to the affected application, trigger integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


4) Memory leak (CVE-ID: CVE-2019-6128)

The vulnerability allows a remote attacker to perform DoS attack on the target system.

The vulnerability exists due memory leak in TIFFFdOpen function in tif_unix.c. A remote attacker can trigger memory leak and perform denial of service attack.


5) NULL pointer dereference (CVE-ID: CVE-2019-7663)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to an invalid address dereference condition that exists in the TIFFWriteDirectoryTagTransferfunction, as defined in the libtiff/tif_dirwrite.c source code file. A remote attacker can trick the victim into accessing a Tagged Image File Format (TIFF) file that submits malicious input and trigger a segmentation fault in the cpSeparateBufToContigBuf function in the tiffcp.c file, resulting in a DoS condition.

Remediation

Install update from vendor's website.

References