Amazon Linux AMI update for libtiff



Published: 2022-08-06
Risk High
Patch available YES
Number of vulnerabilities 13
CVE-ID CVE-2016-9532
CVE-2020-35521
CVE-2020-35522
CVE-2020-35523
CVE-2020-35524
CVE-2022-0561
CVE-2022-0562
CVE-2022-0865
CVE-2022-0907
CVE-2022-0908
CVE-2022-0909
CVE-2022-0924
CVE-2022-22844
CWE-ID CWE-125
CWE-119
CWE-190
CWE-476
CWE-617
CWE-369
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
Amazon Linux AMI
Operating systems & Components / Operating system

libtiff
Operating systems & Components / Operating system package or component

Vendor Amazon Web Services

Security Bulletin

This security bulletin contains information about 13 vulnerabilities.

1) Out-of-bounds read

EUVDB-ID: #VU39732

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-9532

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

Integer overflow in the writeBufferToSeparateStrips function in tiffcrop.c in LibTIFF before 4.0.7 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tif file.

Mitigation

Update the affected packages:

i686:
    libtiff-debuginfo-4.0.3-35.38.amzn1.i686
    libtiff-4.0.3-35.38.amzn1.i686
    libtiff-devel-4.0.3-35.38.amzn1.i686
    libtiff-static-4.0.3-35.38.amzn1.i686

src:
    libtiff-4.0.3-35.38.amzn1.src

x86_64:
    libtiff-4.0.3-35.38.amzn1.x86_64
    libtiff-static-4.0.3-35.38.amzn1.x86_64
    libtiff-debuginfo-4.0.3-35.38.amzn1.x86_64
    libtiff-devel-4.0.3-35.38.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

libtiff: before 4.0.3-35.38


CPE2.3 External links

http://alas.aws.amazon.com/ALAS-2022-1625.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Buffer overflow

EUVDB-ID: #VU51448

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-35521

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing TIFF images in tif_read.c. A remote attacker can create a specially crafted TIFF, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Update the affected packages:

i686:
    libtiff-debuginfo-4.0.3-35.38.amzn1.i686
    libtiff-4.0.3-35.38.amzn1.i686
    libtiff-devel-4.0.3-35.38.amzn1.i686
    libtiff-static-4.0.3-35.38.amzn1.i686

src:
    libtiff-4.0.3-35.38.amzn1.src

x86_64:
    libtiff-4.0.3-35.38.amzn1.x86_64
    libtiff-static-4.0.3-35.38.amzn1.x86_64
    libtiff-debuginfo-4.0.3-35.38.amzn1.x86_64
    libtiff-devel-4.0.3-35.38.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

libtiff: before 4.0.3-35.38


CPE2.3 External links

http://alas.aws.amazon.com/ALAS-2022-1625.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Buffer overflow

EUVDB-ID: #VU51447

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-35522

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing TIFF images in tif_pixarlog.c. A remote attacker can create a specially crafted TIFF image, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Update the affected packages:

i686:
    libtiff-debuginfo-4.0.3-35.38.amzn1.i686
    libtiff-4.0.3-35.38.amzn1.i686
    libtiff-devel-4.0.3-35.38.amzn1.i686
    libtiff-static-4.0.3-35.38.amzn1.i686

src:
    libtiff-4.0.3-35.38.amzn1.src

x86_64:
    libtiff-4.0.3-35.38.amzn1.x86_64
    libtiff-static-4.0.3-35.38.amzn1.x86_64
    libtiff-debuginfo-4.0.3-35.38.amzn1.x86_64
    libtiff-devel-4.0.3-35.38.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

libtiff: before 4.0.3-35.38


CPE2.3 External links

http://alas.aws.amazon.com/ALAS-2022-1625.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Integer overflow

EUVDB-ID: #VU51445

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-35523

CWE-ID: CWE-190 - Integer Overflow or Wraparound

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow within the the tif_getimage.c file in libtiff. A remote attacker can pass specially crafted file to the application, trigger an integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Update the affected packages:

i686:
    libtiff-debuginfo-4.0.3-35.38.amzn1.i686
    libtiff-4.0.3-35.38.amzn1.i686
    libtiff-devel-4.0.3-35.38.amzn1.i686
    libtiff-static-4.0.3-35.38.amzn1.i686

src:
    libtiff-4.0.3-35.38.amzn1.src

x86_64:
    libtiff-4.0.3-35.38.amzn1.x86_64
    libtiff-static-4.0.3-35.38.amzn1.x86_64
    libtiff-debuginfo-4.0.3-35.38.amzn1.x86_64
    libtiff-devel-4.0.3-35.38.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

libtiff: before 4.0.3-35.38


CPE2.3 External links

http://alas.aws.amazon.com/ALAS-2022-1625.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Buffer overflow

EUVDB-ID: #VU51446

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-35524

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing TIFF images in libtiff's TIFF2PDF tool. A remote attacker can create a specially crafted TIFF image, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Update the affected packages:

i686:
    libtiff-debuginfo-4.0.3-35.38.amzn1.i686
    libtiff-4.0.3-35.38.amzn1.i686
    libtiff-devel-4.0.3-35.38.amzn1.i686
    libtiff-static-4.0.3-35.38.amzn1.i686

src:
    libtiff-4.0.3-35.38.amzn1.src

x86_64:
    libtiff-4.0.3-35.38.amzn1.x86_64
    libtiff-static-4.0.3-35.38.amzn1.x86_64
    libtiff-debuginfo-4.0.3-35.38.amzn1.x86_64
    libtiff-devel-4.0.3-35.38.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

libtiff: before 4.0.3-35.38


CPE2.3 External links

http://alas.aws.amazon.com/ALAS-2022-1625.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) NULL pointer dereference

EUVDB-ID: #VU63326

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-0561

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the memcpy() function within TIFFFetchStripThing() in tif_dirread.c. A remote attacker can trick victim to open specially crafted TIFF file and perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

i686:
    libtiff-debuginfo-4.0.3-35.38.amzn1.i686
    libtiff-4.0.3-35.38.amzn1.i686
    libtiff-devel-4.0.3-35.38.amzn1.i686
    libtiff-static-4.0.3-35.38.amzn1.i686

src:
    libtiff-4.0.3-35.38.amzn1.src

x86_64:
    libtiff-4.0.3-35.38.amzn1.x86_64
    libtiff-static-4.0.3-35.38.amzn1.x86_64
    libtiff-debuginfo-4.0.3-35.38.amzn1.x86_64
    libtiff-devel-4.0.3-35.38.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

libtiff: before 4.0.3-35.38


CPE2.3 External links

http://alas.aws.amazon.com/ALAS-2022-1625.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) NULL pointer dereference

EUVDB-ID: #VU63328

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-0562

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the memcpy() function within TIFFReadDirectory() in tif_dirread.c. A remote attacker can trick victim to open specially crafted TIFF file and perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

i686:
    libtiff-debuginfo-4.0.3-35.38.amzn1.i686
    libtiff-4.0.3-35.38.amzn1.i686
    libtiff-devel-4.0.3-35.38.amzn1.i686
    libtiff-static-4.0.3-35.38.amzn1.i686

src:
    libtiff-4.0.3-35.38.amzn1.src

x86_64:
    libtiff-4.0.3-35.38.amzn1.x86_64
    libtiff-static-4.0.3-35.38.amzn1.x86_64
    libtiff-debuginfo-4.0.3-35.38.amzn1.x86_64
    libtiff-devel-4.0.3-35.38.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

libtiff: before 4.0.3-35.38


CPE2.3 External links

http://alas.aws.amazon.com/ALAS-2022-1625.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Reachable Assertion

EUVDB-ID: #VU63332

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-0865

CWE-ID: CWE-617 - Reachable Assertion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a reachable assertion in the tiffcp component. A remote attacker can trick a victim to open a specially crafted TIFF file and perform a denial of service attack.

Mitigation

Update the affected packages:

i686:
    libtiff-debuginfo-4.0.3-35.38.amzn1.i686
    libtiff-4.0.3-35.38.amzn1.i686
    libtiff-devel-4.0.3-35.38.amzn1.i686
    libtiff-static-4.0.3-35.38.amzn1.i686

src:
    libtiff-4.0.3-35.38.amzn1.src

x86_64:
    libtiff-4.0.3-35.38.amzn1.x86_64
    libtiff-static-4.0.3-35.38.amzn1.x86_64
    libtiff-debuginfo-4.0.3-35.38.amzn1.x86_64
    libtiff-devel-4.0.3-35.38.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

libtiff: before 4.0.3-35.38


CPE2.3 External links

http://alas.aws.amazon.com/ALAS-2022-1625.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) NULL pointer dereference

EUVDB-ID: #VU63794

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-0907

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in tiffcrop in libtiff. A remote attacker can trigger denial of service conditions via a crafted tiff file.

Mitigation

Update the affected packages:

i686:
    libtiff-debuginfo-4.0.3-35.38.amzn1.i686
    libtiff-4.0.3-35.38.amzn1.i686
    libtiff-devel-4.0.3-35.38.amzn1.i686
    libtiff-static-4.0.3-35.38.amzn1.i686

src:
    libtiff-4.0.3-35.38.amzn1.src

x86_64:
    libtiff-4.0.3-35.38.amzn1.x86_64
    libtiff-static-4.0.3-35.38.amzn1.x86_64
    libtiff-debuginfo-4.0.3-35.38.amzn1.x86_64
    libtiff-devel-4.0.3-35.38.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

libtiff: before 4.0.3-35.38


CPE2.3 External links

http://alas.aws.amazon.com/ALAS-2022-1625.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) NULL pointer dereference

EUVDB-ID: #VU63374

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-0908

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the memcpy() function within TIFFFetchNormalTag () in tif_dirread.c. A remote attacker can pass specially crafted TIFF file to the application and perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

i686:
    libtiff-debuginfo-4.0.3-35.38.amzn1.i686
    libtiff-4.0.3-35.38.amzn1.i686
    libtiff-devel-4.0.3-35.38.amzn1.i686
    libtiff-static-4.0.3-35.38.amzn1.i686

src:
    libtiff-4.0.3-35.38.amzn1.src

x86_64:
    libtiff-4.0.3-35.38.amzn1.x86_64
    libtiff-static-4.0.3-35.38.amzn1.x86_64
    libtiff-debuginfo-4.0.3-35.38.amzn1.x86_64
    libtiff-devel-4.0.3-35.38.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

libtiff: before 4.0.3-35.38


CPE2.3 External links

http://alas.aws.amazon.com/ALAS-2022-1625.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Division by zero

EUVDB-ID: #VU63376

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-0909

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service attack.

The vulnerability exists due to a division by zero error in the tiffcrop component. A remote attacker can pass a specially crafted TIFF file to the application and crash it.

Mitigation

Update the affected packages:

i686:
    libtiff-debuginfo-4.0.3-35.38.amzn1.i686
    libtiff-4.0.3-35.38.amzn1.i686
    libtiff-devel-4.0.3-35.38.amzn1.i686
    libtiff-static-4.0.3-35.38.amzn1.i686

src:
    libtiff-4.0.3-35.38.amzn1.src

x86_64:
    libtiff-4.0.3-35.38.amzn1.x86_64
    libtiff-static-4.0.3-35.38.amzn1.x86_64
    libtiff-debuginfo-4.0.3-35.38.amzn1.x86_64
    libtiff-devel-4.0.3-35.38.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

libtiff: before 4.0.3-35.38


CPE2.3 External links

http://alas.aws.amazon.com/ALAS-2022-1625.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Out-of-bounds read

EUVDB-ID: #VU63378

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-0924

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial-of-service attack.

The vulnerability exists due to a boundary condition. A remote attacker can create a specially crafted TIFF file, trick the victim into opening it, trigger out-of-bounds read error and perform a denial-of-service attack.

Mitigation

Update the affected packages:

i686:
    libtiff-debuginfo-4.0.3-35.38.amzn1.i686
    libtiff-4.0.3-35.38.amzn1.i686
    libtiff-devel-4.0.3-35.38.amzn1.i686
    libtiff-static-4.0.3-35.38.amzn1.i686

src:
    libtiff-4.0.3-35.38.amzn1.src

x86_64:
    libtiff-4.0.3-35.38.amzn1.x86_64
    libtiff-static-4.0.3-35.38.amzn1.x86_64
    libtiff-debuginfo-4.0.3-35.38.amzn1.x86_64
    libtiff-devel-4.0.3-35.38.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

libtiff: before 4.0.3-35.38


CPE2.3 External links

http://alas.aws.amazon.com/ALAS-2022-1625.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Out-of-bounds read

EUVDB-ID: #VU63795

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-22844

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service attack.

The vulnerability exists due to a boundary condition in the _TIFFmemcpy() function in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field. A remote attacker can pass a specially crafted file and perform a denial of service attack.

Mitigation

Update the affected packages:

i686:
    libtiff-debuginfo-4.0.3-35.38.amzn1.i686
    libtiff-4.0.3-35.38.amzn1.i686
    libtiff-devel-4.0.3-35.38.amzn1.i686
    libtiff-static-4.0.3-35.38.amzn1.i686

src:
    libtiff-4.0.3-35.38.amzn1.src

x86_64:
    libtiff-4.0.3-35.38.amzn1.x86_64
    libtiff-static-4.0.3-35.38.amzn1.x86_64
    libtiff-debuginfo-4.0.3-35.38.amzn1.x86_64
    libtiff-devel-4.0.3-35.38.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

libtiff: before 4.0.3-35.38


CPE2.3 External links

http://alas.aws.amazon.com/ALAS-2022-1625.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###