Bug 1475530 (CVE-2017-11613)
Summary: | CVE-2017-11613 libtiff: Memory leak via corrupt td_imagelength in TIFFOpen function | |
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Pedro Sampaio <psampaio> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED NOTABUG | QA Contact: | |
Severity: | low | Docs Contact: | |
Priority: | low | |
Version: | unspecified | CC: | erik-fedora, mike, nforro, phracek |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | |
Hardware: | All | |
OS: | Linux | |
Whiteboard: | | |
Fixed In Version: | | Doc Type: | If docs needed, set a value |
Doc Text: | | Story Points: | --- |
Clone Of: | | Environment: | |
Last Closed: | 2017-08-30 08:25:27 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | | Category: | --- |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | | |
Bug Depends On: | 1475531, 1475532 | |
Bug Blocks: | 1475533 | |

Description
Pedro Sampaio
2017-07-26 20:47:58 UTC
Created libtiff tracking bugs for this issue:

Affects: fedora-all [bug 1475531]

Created mingw-libtiff tracking bugs for this issue:

Affects: fedora-all [bug 1475532]

LibTIFF simply tries to allocate the memory based on the information in the image. If there's not enough RAM, the OOM killer steps in and terminates the process. If you have enough RAM, all is fine. Although one could implement mechanisms to catch this corner case early in order to handle it in a more graceful manner, I'm not sure if the library itself is the right place for that - I'll leave that to upstream.

Statement:

Red Hat Product Security determined that this flaw was not a security vulnerability. See the Bugzilla link for more details.
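
An application-side version of the early check mentioned in the comment above (added example, not from the bug report or from libtiff): it reads ImageWidth and ImageLength (tags 256 and 257) from the first IFD of a classic TIFF and rejects values above a caller-chosen cap before the file is handed to TIFFOpen. The function name `tiff_precheck`, the 65535 cap and the sample bytes are assumptions constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed sample (not from the bug): little-endian TIFF, IFD0 at offset 8,
 * ImageWidth (256) = 16, ImageLength (257) = 0xFFFFFFF0. */
static const uint8_t sample[] = {
    'I','I',42,0, 8,0,0,0,                        /* header */
    2,0,                                          /* two IFD entries */
    0x00,0x01, 3,0, 1,0,0,0, 16,0,0,0,            /* ImageWidth, SHORT */
    0x01,0x01, 4,0, 1,0,0,0, 0xF0,0xFF,0xFF,0xFF, /* ImageLength, LONG */
    0,0,0,0 };                                    /* no next IFD */

/* Read an n-byte unsigned integer in the file's byte order. */
static uint32_t rd(const uint8_t *p, int n, int be) {
    uint32_t v = 0;
    for (int i = 0; i < n; i++)
        v |= (uint32_t)p[i] << (8 * (be ? n - 1 - i : i));
    return v;
}

/* Hypothetical helper: 0 = dimensions within max_dim, 1 = a dimension is
 * zero or above the cap, -1 = malformed or unsupported (e.g. BigTIFF). */
int tiff_precheck(const uint8_t *buf, size_t len, uint32_t max_dim) {
    if (len < 8) return -1;
    int be = (buf[0] == 'M' && buf[1] == 'M');
    if (!be && !(buf[0] == 'I' && buf[1] == 'I')) return -1;
    if (rd(buf + 2, 2, be) != 42) return -1;
    uint32_t off = rd(buf + 4, 4, be);
    if (off < 8 || off > len - 2) return -1;
    uint32_t n = rd(buf + off, 2, be);
    if ((size_t)n * 12 > len - off - 2) return -1;  /* IFD must fit in buffer */
    for (uint32_t i = 0; i < n; i++) {
        const uint8_t *e = buf + off + 2 + 12 * (size_t)i;
        uint32_t tag = rd(e, 2, be), type = rd(e + 2, 2, be), v;
        if (tag != 256 && tag != 257) continue;
        if (rd(e + 4, 4, be) != 1) return -1;       /* count must be 1 */
        if (type == 3) v = rd(e + 8, 2, be);        /* SHORT, left-justified */
        else if (type == 4) v = rd(e + 8, 4, be);   /* LONG */
        else return -1;
        if (v == 0 || v > max_dim) return 1;
    }
    return 0;
}

int main(void) {
    /* 65535 is an assumed application policy limit, not a libtiff constant. */
    printf("precheck: %d\n", tiff_precheck(sample, sizeof sample, 65535));
    return 0;
}
```

The check only bounds the dimensions declared in the first IFD; a file that omits both tags, or that carries further IFDs, still needs the application's own resource limits around the decode.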