Null source pointer passed as an argument to the memcpy() function within TIFFFetchNormalTag() in tif_dirread.c in libtiff versions up to 4.3.0 could lead to Denial of Service via a crafted TIFF file.
References:
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0908.json
https://gitlab.com/libtiff/libtiff/-/commit/a95b799f65064e4ba2e2dfc206808f86faf93e85
https://gitlab.com/libtiff/libtiff/-/issues/383
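As an added example, not libtiff's own code and not the fix in the linked commit: a hypothetical tag-fetch routine in the shape of the defect described above, showing the validation a reader needs before calling memcpy() on a directory entry whose data pointer may be NULL. The struct, the tag id and the sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed, simplified model of a parsed TIFF directory entry: tag id,
 * byte count and a pointer to the raw bytes. This is a hypothetical stand-in,
 * not libtiff's own structure. A crafted file can leave data NULL while
 * count is non-zero, which is the shape of the CVE-2022-0908 defect. */
struct tag_entry {
    uint16_t tag;
    uint32_t count;
    const uint8_t *data;
};

/* Hardened fetch: validate the entry before any memcpy(). Passing a NULL
 * source to memcpy() is undefined behaviour even for count 0, and with a
 * non-zero count it dereferences NULL and crashes the reader (DoS).
 * Returns 1 on success, 0 when the entry is rejected. */
int fetch_tag_checked(const struct tag_entry *e, uint8_t *out, size_t out_len)
{
    if (e == NULL || out == NULL)
        return 0;
    if (e->count == 0)
        return 1;              /* nothing to copy: never reach memcpy() */
    if (e->data == NULL)
        return 0;              /* reject instead of handing NULL to memcpy() */
    if (e->count > out_len)
        return 0;              /* destination bounds check */
    memcpy(out, e->data, e->count);
    return 1;
}

/* Constructed sample bytes; 0x0131 below is only an illustrative tag id. */
static const uint8_t sample_bytes[4] = {0x01, 0x02, 0x03, 0x04};

/* Well-formed entry: bytes are copied and the call reports success (1). */
int demo_valid_entry(void)
{
    struct tag_entry e = {0x0131, 4, sample_bytes};
    uint8_t out[8];
    return fetch_tag_checked(&e, out, sizeof out) && memcmp(out, sample_bytes, 4) == 0;
}

/* Crafted entry: count set but data missing; the call is rejected (0). */
int demo_crafted_entry(void)
{
    struct tag_entry e = {0x0131, 4, NULL};
    uint8_t out[8];
    return fetch_tag_checked(&e, out, sizeof out);
}
```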
Created libtiff tracking bugs for this issue: Affects: fedora-all [bug 2064153] Created mingw-libtiff tracking bugs for this issue: Affects: fedora-all [bug 2064149]
Hi Tej, Sorry, could you explain what the neuro-sig needs to do here? I checked and we don't maintain libtiff as one of our group packages. Are some of our packages affected by this too? Cheers,
Hello Ankur, neuro-sig was CC'd on this automatically by Bugzilla when I created this flaw bug. Only libtiff is affected. Just ignore this if it isn't related to you. Sorry for the noise in your inbox. Thank you.
Thanks, I'll remove us from the CC list; otherwise it'll keep being listed in our bugs and cause confusion.
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:7585 https://access.redhat.com/errata/RHSA-2022:7585
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2022:8194 https://access.redhat.com/errata/RHSA-2022:8194
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-0908