Debian Security Advisory
DLA-1680-1 tiff -- LTS security update
- Date Reported:
- 18 Feb 2019
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2018-17000, CVE-2018-19210, CVE-2019-7663.
- More information:
A NULL pointer dereference in the function _TIFFmemcmp at tif_unix.c (called from TIFFWriteDirectoryTagTransferfunction) allows an attacker to cause a denial-of-service through a crafted tiff file. This vulnerability can be triggered by the executable tiffcp.
There is a NULL pointer dereference in the TIFFWriteDirectorySec function in tif_dirwrite.c that will lead to a denial of service attack, as demonstrated by tiffset.
An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tif_dirwrite.c, affecting the cpSeparateBufToContigBuf function in tiffcp.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted tiff file.
We believe this is the same as CVE-2018-17000 (above).
For Debian 8
Jessie, these problems have been fixed in version 4.0.3-12.3+deb8u8.
We recommend that you upgrade your tiff packages.
Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS