An out-of-memory problem was found in libtiff that could be triggered by passing a craft tiff file to TIFFOpen() API. In this flaw a remote attackers could cause deny-of-services via a craft input (with size smaller than 379 KB). Reference: https://gitlab.com/libtiff/libtiff/-/issues/614 Fixed at: https://gitlab.com/libtiff/libtiff/-/merge_requests/545 https://gitlab.com/libtiff/libtiff/-/commit/d6bbe53a96b031ab8b53d20241825ddf9e8bf8f1 https://gitlab.com/libtiff/libtiff/-/commit/264a28eff71cf0038ba7b235238512fa594fa42f https://gitlab.com/libtiff/libtiff/-/commit/abb4476fd2be87fc8ded3078e019f22f84ee0e8c
Created iv tracking bugs for this issue: Affects: fedora-all [bug 2251315] Created libtiff tracking bugs for this issue: Affects: fedora-all [bug 2251313] Created mingw-libtiff tracking bugs for this issue: Affects: fedora-all [bug 2251314] Created tkimg tracking bugs for this issue: Affects: fedora-all [bug 2251316]
*** Bug 2251319 has been marked as a duplicate of this bug. ***