A flaw was found in LibTIFF through 4.0.9. TIFFWriteDirectorySec() function in tif_dirwrite.c allows remote attackers to cause a denial of service (assertion failure and application crash) via a crafted file. References: http://bugzilla.maptools.org/show_bug.cgi?id=2795 Patch: https://gitlab.com/libtiff/libtiff/commit/de144fd228e4be8aa484c3caf3d814b6fa88c6d9
Created libtiff tracking bugs for this issue: Affects: fedora-all [bug 1579061] Created mingw-libtiff tracking bugs for this issue: Affects: epel-7 [bug 1579062] Affects: fedora-all [bug 1579059]
Statement: This issue did not affect the versions of libtiff as shipped with Red Hat Enterprise Linux 5 and 6 as they did not include the vulnerable code.
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2019:2053 https://access.redhat.com/errata/RHSA-2019:2053
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2018-10963