A vulnerability was found in the libtiff library. Using the tagCompare function with the thumbnail command on a maliciously crafted tif file could cause the application to crash.

Vulnerable code:

/libtiff/tif_dirinfo.c: 341

    tagCompare(const void* a, const void* b)
337 {
338     const TIFFField* ta = *(const TIFFField**) a;
339     const TIFFField* tb = *(const TIFFField**) b;
340     /* NB: be careful of return values for 16-bit platforms */
341     if (ta->field_tag != tb->field_tag)
342         return (int)ta->field_tag - (int)tb->field_tag;
343     else
344         return (ta->field_type == TIFF_ANY) ?
345             0 : ((int)tb->field_type - (int)ta->field_type);
346 }

References:

http://www.openwall.com/lists/oss-security/2016/04/08/13

*** Bug 1316876 has been marked as a duplicate of this bug. ***
Statement: This issue did not affect the versions of libtiff as shipped with Red Hat Enterprise Linux 5, 6 and 7. This issue did not affect the versions of compat-libtiff3 as shipped with Red Hat Enterprise Linux 7.