CVE-2022-22844
Summary
| CVE | CVE-2022-22844 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2022-01-10 14:12:00 UTC |
|---|
| Updated | 2022-11-16 19:07:00 UTC |
|---|
| Description | LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| tiffset: Global-buffer-overflow in _TIFFmemcpy, tif_unix.c:346 (#355) · Issues · libtiff / libtiff · GitLab |
MISC |
gitlab.com |
|
| LibTIFF: Multiple Vulnerabilities (GLSA 202210-10) — Gentoo security |
GENTOO |
security.gentoo.org |
|
| CVE-2022-22844 LibTIFF Vulnerability in NetApp Products | NetApp Product Security |
CONFIRM |
security.netapp.com |
|
| Fix the global-buffer-overflow in tiffset (!287) · Merge requests · libtiff / libtiff · GitLab |
MISC |
gitlab.com |
|
| [SECURITY] [DLA 2932-1] tiff security update |
MLIST |
lists.debian.org |
|
| Debian -- Security Information -- DSA-5108-1 tiff |
DEBIAN |
www.debian.org |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 160245 Oracle Enterprise Linux Security Update for libtiff (ELSA-2022-7585)
- 160275 Oracle Enterprise Linux Security Update for libtiff (ELSA-2022-8194)
- 179103 Debian Security Update for tiff (DLA 2932-1)
- 179158 Debian Security Update for tiff (DSA 5108-1)
- 183989 Debian Security Update for tiff (CVE-2022-22844)
- 198931 Ubuntu Security Notification for LibTIFF Vulnerabilities (USN-5523-2)
- 240843 Red Hat Update for libtiff (RHSA-2022:7585)
- 240881 Red Hat Update for libtiff (RHSA-2022:8194)
- 282305 Fedora Security Update for libtiff (FEDORA-2022-a403286212)
- 353264 Amazon Linux Security Advisory for libtiff : ALAS2-2022-1780
- 354038 Amazon Linux Security Advisory for libtiff : ALAS-2022-1625
- 354293 Amazon Linux Security Advisory for libtiff : ALAS2022-2022-049
- 354326 Amazon Linux Security Advisory for libtiff : ALAS2022-2022-194
- 354588 Amazon Linux Security Advisory for libtiff : ALAS-2022-194
- 355159 Amazon Linux Security Advisory for libtiff : ALAS2023-2023-050
- 501505 Alpine Linux Security Update for tiff
- 502035 Alpine Linux Security Update for tiff
- 502793 Alpine Linux Security Update for tiff
- 671557 EulerOS Security Update for compat-libtiff3 (EulerOS-SA-2022-1526)
- 671568 EulerOS Security Update for libtiff (EulerOS-SA-2022-1573)
- 671589 EulerOS Security Update for libtiff (EulerOS-SA-2022-1540)
- 671728 EulerOS Security Update for libtiff (EulerOS-SA-2022-1809)
- 671761 EulerOS Security Update for libtiff (EulerOS-SA-2022-1792)
- 671813 EulerOS Security Update for libtiff (EulerOS-SA-2022-1869)
- 671814 EulerOS Security Update for libtiff (EulerOS-SA-2022-1845)
- 710659 Gentoo Linux LibTIFF Multiple Vulnerabilities (GLSA 202210-10)
- 751716 SUSE Enterprise Linux Security Update for tiff (SUSE-SU-2022:0480-1)
- 751721 SUSE Enterprise Linux Security Update for tiff (SUSE-SU-2022:0496-1)
- 751752 OpenSUSE Security Update for tiff (openSUSE-SU-2022:0480-1)
- 901270 Common Base Linux Mariner (CBL-Mariner) Security Update for libtiff (8514-1)
- 940761 AlmaLinux Security Update for libtiff (ALSA-2022:7585)
- 940811 AlmaLinux Security Update for libtiff (ALSA-2022:8194)
- 960178 Rocky Linux Security Update for libtiff (RLSA-2022:7585)
