Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
Bug 608010 - (CVE-2010-2443, CVE-2010-2482) CVE-2010-2443 CVE-2010-2482 libtiff: OJPEGReadBufferFill NULL deref crash
CVE-2010-2443 CVE-2010-2482 libtiff: OJPEGReadBufferFill NULL deref crash
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
All Linux
low Severity low
: ---
: ---
Assigned To: Red Hat Product Security
: Security
Depends On:
  Show dependency treegraph
Reported: 2010-06-25 08:04 EDT by Tomas Hoger
Modified: 2016-03-04 06:48 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2010-06-25 08:09:03 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Tomas Hoger 2010-06-25 08:04:14 EDT
Common Vulnerabilities and Exposures assigned an identifier CVE-2010-2443 to the following vulnerability:

Unspecified vulnerability in LibTIFF before 3.9.3 allows remote
attackers to cause a denial of service (application crash) via an
OJPEG image with undefined strip offsets.

Comment 1 Tomas Hoger 2010-06-25 08:09:03 EDT
This CVE refers to following entry in the upstream changelog:

  OJPEG: Report an error and avoid a crash if the input file is so broken
  that the strip offsets are not defined.

This problem is already tracked as bug #603024.  We are not handling this as security flaw, this NULL pointer dereference flaw with impact limited to application crash.


Not vulnerable. This issue did not affect the versions of libtiff as shipped with Red Hat Enterprise Linux 3, 4, or 5.
Comment 2 Tomas Hoger 2010-07-01 04:27:13 EDT
CVE-2010-2482 was assigned to the related td_stripbytecount NULL deref issue.  Comment #1 apply to that issue as well.  Issue is not yet fixed upstream in 3.9.4.

Comment 3 Tomas Hoger 2010-07-06 15:39:39 EDT
These issues are addressed in libtiff-3.9.4-1 packages.

Note You need to log in before you can comment on or make changes to this bug.