CVE-2022-0865
Summary
| CVE | CVE-2022-0865 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2022-03-10 17:44:00 UTC |
|---|
| Updated | 2023-11-07 03:41:00 UTC |
|---|
| Description | Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 5e180045. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| [SECURITY] Fedora 35 Update: libtiff-4.3.0-6.fc35 - package-announce - Fedora Mailing-Lists |
FEDORA |
lists.fedoraproject.org |
|
| tiffcp: Assertion failed in TIFFReadAndRealloc, tif_read.c:99 (#385) · Issues · libtiff / libtiff · GitLab |
MISC |
gitlab.com |
|
| April 2022 LibTIFF Vulnerabilities in NetApp Products | NetApp Product Security |
CONFIRM |
security.netapp.com |
|
| tif_jbig.c: fix crash when reading a file with multiple IFD in memory-mapped... (!306) · Merge requests · libtiff / libtiff · GitLab |
MISC |
gitlab.com |
|
| LibTIFF: Multiple Vulnerabilities (GLSA 202210-10) — Gentoo security |
GENTOO |
security.gentoo.org |
|
| [SECURITY] Fedora 36 Update: libtiff-4.3.0-6.fc36 - package-announce - Fedora Mailing-Lists |
|
lists.fedoraproject.org |
|
| 2022/CVE-2022-0865.json · master · GitLab.org / cves · GitLab |
CONFIRM |
gitlab.com |
|
| [SECURITY] Fedora 35 Update: libtiff-4.3.0-6.fc35 - package-announce - Fedora Mailing-Lists |
|
lists.fedoraproject.org |
|
| [SECURITY] Fedora 36 Update: libtiff-4.3.0-6.fc36 - package-announce - Fedora Mailing-Lists |
FEDORA |
lists.fedoraproject.org |
|
| Debian -- Security Information -- DSA-5108-1 tiff |
DEBIAN |
www.debian.org |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
Legacy QID Mappings
- 160245 Oracle Enterprise Linux Security Update for libtiff (ELSA-2022-7585)
- 160275 Oracle Enterprise Linux Security Update for libtiff (ELSA-2022-8194)
- 179158 Debian Security Update for tiff (DSA 5108-1)
- 183915 Debian Security Update for tiff (CVE-2022-0865)
- 198786 Ubuntu Security Notification for LibTIFF Vulnerabilities (USN-5421-1)
- 240843 Red Hat Update for libtiff (RHSA-2022:7585)
- 240881 Red Hat Update for libtiff (RHSA-2022:8194)
- 282544 Fedora Security Update for libtiff (FEDORA-2022-e2996202a0)
- 353264 Amazon Linux Security Advisory for libtiff : ALAS2-2022-1780
- 354038 Amazon Linux Security Advisory for libtiff : ALAS-2022-1625
- 354293 Amazon Linux Security Advisory for libtiff : ALAS2022-2022-049
- 354326 Amazon Linux Security Advisory for libtiff : ALAS2022-2022-194
- 354588 Amazon Linux Security Advisory for libtiff : ALAS-2022-194
- 355159 Amazon Linux Security Advisory for libtiff : ALAS2023-2023-050
- 501505 Alpine Linux Security Update for tiff
- 502035 Alpine Linux Security Update for tiff
- 502793 Alpine Linux Security Update for tiff
- 671688 EulerOS Security Update for compat-libtiff3 (EulerOS-SA-2022-1710)
- 671700 EulerOS Security Update for libtiff (EulerOS-SA-2022-1739)
- 671813 EulerOS Security Update for libtiff (EulerOS-SA-2022-1869)
- 671814 EulerOS Security Update for libtiff (EulerOS-SA-2022-1845)
- 671884 EulerOS Security Update for libtiff (EulerOS-SA-2022-1937)
- 671995 EulerOS Security Update for libtiff (EulerOS-SA-2022-2161)
- 671996 EulerOS Security Update for libtiff (EulerOS-SA-2022-2136)
- 710659 Gentoo Linux LibTIFF Multiple Vulnerabilities (GLSA 202210-10)
- 752138 SUSE Enterprise Linux Security Update for tiff (SUSE-SU-2022:1667-1)
- 752188 SUSE Enterprise Linux Security Update for tiff (SUSE-SU-2022:1882-1)
- 901748 Common Base Linux Mariner (CBL-Mariner) Security Update for libtiff (8967-1)
- 940761 AlmaLinux Security Update for libtiff (ALSA-2022:7585)
- 940811 AlmaLinux Security Update for libtiff (ALSA-2022:8194)
- 960178 Rocky Linux Security Update for libtiff (RLSA-2022:7585)
