Bug 1190703 (CVE-2014-9655) - CVE-2014-9655 libtiff: use of uninitialized memory in putcontig8bitYCbCr21tile and NeXTDecode
Summary: CVE-2014-9655 libtiff: use of uninitialized memory in putcontig8bitYCbCr21til...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2014-9655
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1190710 1190712 1269188 1269189 1299918 1299919 1299920 1299921 1335098 1335099
Blocks: 1174883
TreeView+ depends on / blocked
 
Reported: 2015-02-09 13:54 UTC by Vasyl Kaigorodov
Modified: 2021-02-17 05:40 UTC (History)
8 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-06-08 02:38:44 UTC
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2016:1546 0 normal SHIPPED_LIVE Important: libtiff security update 2016-08-02 20:59:03 UTC
Red Hat Product Errata RHSA-2016:1547 0 normal SHIPPED_LIVE Important: libtiff security update 2016-08-02 20:39:45 UTC

Description Vasyl Kaigorodov 2015-02-09 13:54:36 UTC
Below issues were reported [1] and fixed upstream in libtiff:

 - uninitialized memory in putcontig8bitYCbCr21tile
   Fixed in:

     2014-12-29  Even Rouault  <even.rouault () spatialys com>

     * libtiff/tif_getimage.c: in OJPEG case, fix checks on strile width/height
       in the putcontig8bitYCbCr42tile, putcontig8bitYCbCr41tile and
       putcontig8bitYCbCr21tile cases.

 - uninitialized memory in NeXTDecode
   Fixed in:

     2014-12-29  Even Rouault  <even.rouault () spatialys com>

     * libtiff/tif_next.c: add new tests to check that we don't read outside of
     the compressed input stream buffer.

[1]: http://seclists.org/oss-sec/2015/q1/454

Comment 1 Vasyl Kaigorodov 2015-02-09 14:08:01 UTC
Created libtiff tracking bugs for this issue:

Affects: fedora-all [bug 1190710]

Comment 2 Vasyl Kaigorodov 2015-02-09 14:09:09 UTC
Created mingw-libtiff tracking bugs for this issue:

Affects: epel-7 [bug 1190712]

Comment 4 Fedora Update System 2015-05-30 15:55:31 UTC
libtiff-4.0.3-20.fc21 has been pushed to the Fedora 21 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 5 Siddharth Sharma 2015-06-01 11:57:02 UTC
Statement:

This issue affects the version of libtiff package as shipped with Red Hat Enterprise Linux 5, 6 and 7. A further update may address this flaw in Red Hat Enterprise Linux 6 and 7.

Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This has been rated as having Moderate security impact and is not currently planned to be addressed in future updates.

Comment 19 errata-xmlrpc 2016-08-02 16:40:36 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6

Via RHSA-2016:1547 https://rhn.redhat.com/errata/RHSA-2016-1547.html

Comment 20 errata-xmlrpc 2016-08-02 16:59:41 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2016:1546 https://rhn.redhat.com/errata/RHSA-2016-1546.html


Note You need to log in before you can comment on or make changes to this bug.