Heap-based buffer overflow in tiff (Alpine package)
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2017-5225 |
| CWE-ID | CWE-122 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
tiff (Alpine package) Operating systems & Components / Operating system package or component |
| Vendor | Alpine Linux Development Team |
Security Bulletin
This security bulletin contains one high risk vulnerability.
1) Heap-based buffer overflow
EUVDB-ID: #VU5919
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-5225
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to boundary error in "tools/tiffcp.cwhen" processing images. A remote attacker can create an image with specially crafted BitsPerSample value, trigger heap-based buffer overflow and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionstiff (Alpine package): 4.0.1-r0 - 4.0.7-r0
CPE2.3- cpe:2.3:o:alpine:tiff_alpine_package:4.0.6-r2:*:*:*:*:alpine_linux:*:
- cpe:2.3:o:alpine:tiff_alpine_package:4.0.7-r0:*:*:*:*:alpine_linux:*:
- cpe:2.3:o:alpine:tiff_alpine_package:4.0.6-r1:*:*:*:*:alpine_linux:*:
http://git.alpinelinux.org/aports/commit/?id=ea14bc786962a30f943aea7ceceb4804f7b5ec9a
http://git.alpinelinux.org/aports/commit/?id=ca4e26abdf0af7b8d12c52909a22ba4855bfc304
http://git.alpinelinux.org/aports/commit/?id=0c504ed6ce49ffab8f4090a5a3ddaeeda27ecbf5
http://git.alpinelinux.org/aports/commit/?id=e5c608366778f367c59fcbb9cfa26af0fd991bc9
http://git.alpinelinux.org/aports/commit/?id=6fc5e083a79961213cb7151c39372e5dee115a45
http://git.alpinelinux.org/aports/commit/?id=b782af4d8b8c365ef6b066128f905e5ba580cc5b
http://git.alpinelinux.org/aports/commit/?id=f27c940eb7d081d6b511176fe4e0a8c1b131a2de
http://git.alpinelinux.org/aports/commit/?id=ff2e7d109f90f775c735acb314bf37b0008f428c
http://git.alpinelinux.org/aports/commit/?id=09b187444459efedfd8a766c4883fcd6867d203d
http://git.alpinelinux.org/aports/commit/?id=a07d9f929286a0f3ccf9ea20f55c62b03f91c4c4
http://git.alpinelinux.org/aports/commit/?id=5bb012e37bf60bec80128ff50650ad4353f24e18
http://git.alpinelinux.org/aports/commit/?id=66709766026c437c20e5b34a781839f7c24494b6
http://git.alpinelinux.org/aports/commit/?id=b25bdff84bd42e9c012c562afe3a312e433a3420
http://git.alpinelinux.org/aports/commit/?id=11139bb70638967120dbd2ef70935b0fbb96052e
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
