An exploitable heap based buffer overflow exists in the handling of TIFF images in LibTIFF’s TIFF2PDF tool. A crafted TIFF document can lead to a heap based buffer overflow resulting in remote code execution. Vulnerability can be triggered via a saved TIFF file delivered by other means. External References: http://www.talosintelligence.com/reports/TALOS-2016-0187/ Upstream fix: https://github.com/vadz/libtiff/commit/b5d6803f0898e931cf772d3d0755704ab8488e63
Created libtiff tracking bugs for this issue: Affects: fedora-all [bug 1389231]
Created mingw-libtiff tracking bugs for this issue: Affects: fedora-all [bug 1389232] Affects: epel-7 [bug 1389233]
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Red Hat Enterprise Linux 6 Via RHSA-2017:0225 https://rhn.redhat.com/errata/RHSA-2017-0225.html