Ubuntu update for tiff
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 7 |
| CVE-ID | CVE-2020-19131 CVE-2020-19144 CVE-2022-0907 CVE-2022-0908 CVE-2022-0909 CVE-2022-0924 CVE-2022-22844 |
| CWE-ID | CWE-119 CWE-476 CWE-369 CWE-125 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Ubuntu Operating systems & Components / Operating system libtiff-tools (Ubuntu package) Operating systems & Components / Operating system package or component libtiff5 (Ubuntu package) Operating systems & Components / Operating system package or component libtiffxx5 (Ubuntu package) Operating systems & Components / Operating system package or component libtiff-opengl (Ubuntu package) Operating systems & Components / Operating system package or component |
| Vendor | Canonical Ltd. |
Security Bulletin
This security bulletin contains information about 7 vulnerabilities.
1) Buffer overflow
EUVDB-ID: #VU63910
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-19131
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service attack.
The vulnerability exists due to a boundary error in the invertImage() function in the tiffcrop component. A remote attacker can pass a specially crafted file to the application and perform a denial of service attack.
MitigationUpdate the affected package tiff to the latest version.
Vulnerable software versionsUbuntu: 18.04 - 20.04
libtiff-tools (Ubuntu package): before 4.1.0+git191117-2ubuntu0.20.04.4
libtiff5 (Ubuntu package): before 4.1.0+git191117-2ubuntu0.20.04.4
libtiffxx5 (Ubuntu package): before 4.1.0+git191117-2ubuntu0.20.04.4
libtiff-opengl (Ubuntu package): before 4.1.0+git191117-2ubuntu0.20.04.4
External linkshttp://ubuntu.com/security/notices/USN-5523-2
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Buffer overflow
EUVDB-ID: #VU65438
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-19144
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing files within the _TIFFmemcpy() funtion in "tif_unix.c". A remote attacker can create a specially crafted image file, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected package tiff to the latest version.
Vulnerable software versionsUbuntu: 18.04 - 20.04
libtiff-tools (Ubuntu package): before 4.1.0+git191117-2ubuntu0.20.04.4
libtiff5 (Ubuntu package): before 4.1.0+git191117-2ubuntu0.20.04.4
libtiffxx5 (Ubuntu package): before 4.1.0+git191117-2ubuntu0.20.04.4
libtiff-opengl (Ubuntu package): before 4.1.0+git191117-2ubuntu0.20.04.4
External linkshttp://ubuntu.com/security/notices/USN-5523-2
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) NULL pointer dereference
EUVDB-ID: #VU63794
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-0907
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in tiffcrop in libtiff. A remote attacker can trigger denial of service conditions via a crafted tiff file.
MitigationUpdate the affected package tiff to the latest version.
Vulnerable software versionsUbuntu: 18.04 - 20.04
libtiff-tools (Ubuntu package): before 4.1.0+git191117-2ubuntu0.20.04.4
libtiff5 (Ubuntu package): before 4.1.0+git191117-2ubuntu0.20.04.4
libtiffxx5 (Ubuntu package): before 4.1.0+git191117-2ubuntu0.20.04.4
libtiff-opengl (Ubuntu package): before 4.1.0+git191117-2ubuntu0.20.04.4
External linkshttp://ubuntu.com/security/notices/USN-5523-2
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) NULL pointer dereference
EUVDB-ID: #VU63374
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-0908
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in the memcpy() function within TIFFFetchNormalTag () in tif_dirread.c. A remote attacker can pass specially crafted TIFF file to the application and perform a denial of service (DoS) attack.
MitigationUpdate the affected package tiff to the latest version.
Vulnerable software versionsUbuntu: 18.04 - 20.04
libtiff-tools (Ubuntu package): before 4.1.0+git191117-2ubuntu0.20.04.4
libtiff5 (Ubuntu package): before 4.1.0+git191117-2ubuntu0.20.04.4
libtiffxx5 (Ubuntu package): before 4.1.0+git191117-2ubuntu0.20.04.4
libtiff-opengl (Ubuntu package): before 4.1.0+git191117-2ubuntu0.20.04.4
External linkshttp://ubuntu.com/security/notices/USN-5523-2
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Division by zero
EUVDB-ID: #VU63376
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-0909
CWE-ID:
CWE-369 - Divide By Zero
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service attack.
The vulnerability exists due to a division by zero error in the tiffcrop component. A remote attacker can pass a specially crafted TIFF file to the application and crash it.
MitigationUpdate the affected package tiff to the latest version.
Vulnerable software versionsUbuntu: 18.04 - 20.04
libtiff-tools (Ubuntu package): before 4.1.0+git191117-2ubuntu0.20.04.4
libtiff5 (Ubuntu package): before 4.1.0+git191117-2ubuntu0.20.04.4
libtiffxx5 (Ubuntu package): before 4.1.0+git191117-2ubuntu0.20.04.4
libtiff-opengl (Ubuntu package): before 4.1.0+git191117-2ubuntu0.20.04.4
External linkshttp://ubuntu.com/security/notices/USN-5523-2
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Out-of-bounds read
EUVDB-ID: #VU63378
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-0924
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial-of-service attack.
The vulnerability exists due to a boundary condition. A remote attacker can create a specially crafted TIFF file, trick the victim into opening it, trigger out-of-bounds read error and perform a denial-of-service attack.
MitigationUpdate the affected package tiff to the latest version.
Vulnerable software versionsUbuntu: 18.04 - 20.04
libtiff-tools (Ubuntu package): before 4.1.0+git191117-2ubuntu0.20.04.4
libtiff5 (Ubuntu package): before 4.1.0+git191117-2ubuntu0.20.04.4
libtiffxx5 (Ubuntu package): before 4.1.0+git191117-2ubuntu0.20.04.4
libtiff-opengl (Ubuntu package): before 4.1.0+git191117-2ubuntu0.20.04.4
External linkshttp://ubuntu.com/security/notices/USN-5523-2
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Out-of-bounds read
EUVDB-ID: #VU63795
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-22844
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service attack.
The vulnerability exists due to a boundary condition in the _TIFFmemcpy() function in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field. A remote attacker can pass a specially crafted file and perform a denial of service attack.
MitigationUpdate the affected package tiff to the latest version.
Vulnerable software versionsUbuntu: 18.04 - 20.04
libtiff-tools (Ubuntu package): before 4.1.0+git191117-2ubuntu0.20.04.4
libtiff5 (Ubuntu package): before 4.1.0+git191117-2ubuntu0.20.04.4
libtiffxx5 (Ubuntu package): before 4.1.0+git191117-2ubuntu0.20.04.4
libtiff-opengl (Ubuntu package): before 4.1.0+git191117-2ubuntu0.20.04.4
External linkshttp://ubuntu.com/security/notices/USN-5523-2
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
