LibTIFF 4.0.9 is vulnerable to a crash caused by a NULL pointer dereference in the TIFFPrintDirectory function in tif_print.c. An attacker could exploit this by supplying a specially crafted TIFF image, leading to a denial of service. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-18013 http://www.cvedetails.com/cve/CVE-2017-18013/ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18013 https://gitlab.com/libtiff/libtiff/commit/c6f41df7b581402dfba3c19a1e3df4454c551a01 http://bugzilla.maptools.org/show_bug.cgi?id=2770
Created libtiff tracking bugs for this issue: Affects: fedora-all [bug 1530441]
It seems this flaw is triggered by the following changeset: https://gitlab.com/libtiff/libtiff/commit/7057734d986001b7fd6d2afde9667da7754ff2cc This was introduced in tiff-4.0.9, therefore older versions are not affected.