The pal2rgb tool (tools/pal2rgb.c) in LibTIFF 4.0.9 is vulnerable to a heap-based bufferflow when parsing a specially crafted .tif file. A remote attacker could exploit this to cause an application crash (denial of service) or other possible unspecified impact. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-17095 http://www.openwall.com/lists/oss-security/2017/11/30/3 http://www.cvedetails.com/cve/CVE-2017-17095/ http://bugzilla.maptools.org/show_bug.cgi?id=2750
Created libtiff tracking bugs for this issue: Affects: fedora-all [bug 1524285]
Note: As per upstream bug, there is currently no patch yet. The proposed patch seems to be insufficient, since the issue still manifests after the patch is applied.