Bug 2218830 (CVE-2023-2908) - CVE-2023-2908 libtiff: null pointer dereference in tif_dir.c
Summary: CVE-2023-2908 libtiff: null pointer dereference in tif_dir.c
Keywords:
Status: NEW
Alias: CVE-2023-2908
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On: 2218832 2218834 2218835 2218833
Blocks: 2210179
TreeView+ depends on / blocked
 
Reported: 2023-06-30 07:35 UTC by TEJ RATHI
Modified: 2023-07-07 08:33 UTC (History)
14 users (show)

Fixed In Version: Libtiff 4.5.1rc1
Doc Type: ---
Doc Text:
A null pointer dereference issue was found in Libtiff's tif_dir.c file. This issue may allow an attacker to pass a crafted TIFF image file to the tiffcp utility which triggers a runtime error that causes undefined behavior. This will result in an application crash, eventually leading to a denial of service.
Clone Of:
Environment:
Last Closed:
Embargoed:


Attachments (Terms of Use)

Description TEJ RATHI 2023-06-30 07:35:03 UTC
An issue was found in libtiff caused by runtime error: applying zero offset to null pointer leading to undefined behavior or crash.

https://gitlab.com/libtiff/libtiff/-/merge_requests/479
https://gitlab.com/libtiff/libtiff/-/commit/9bd48f0dbd64fb94dc2b5b05238fde0bfdd4ff3f

Comment 1 TEJ RATHI 2023-06-30 07:52:06 UTC
Created iv tracking bugs for this issue:

Affects: fedora-all [bug 2218833]


Created libtiff tracking bugs for this issue:

Affects: fedora-all [bug 2218832]


Created mingw-libtiff tracking bugs for this issue:

Affects: fedora-all [bug 2218834]


Created tkimg tracking bugs for this issue:

Affects: fedora-all [bug 2218835]


Note You need to log in before you can comment on or make changes to this bug.