Amazon Linux AMI update for libtiff



Published: 2024-08-06
Risk High
Patch available YES
Number of vulnerabilities 20
CVE-ID CVE-2022-0561
CVE-2022-0562
CVE-2022-0865
CVE-2022-0891
CVE-2022-0907
CVE-2022-0908
CVE-2022-0909
CVE-2022-0924
CVE-2022-1056
CVE-2022-1354
CVE-2022-1355
CVE-2022-1622
CVE-2022-1623
CVE-2022-2056
CVE-2022-2057
CVE-2022-2058
CVE-2022-22844
CVE-2022-2869
CVE-2022-34526
CVE-2022-3970
CWE-ID CWE-476
CWE-617
CWE-787
CWE-369
CWE-125
CWE-122
CWE-119
CWE-191
CWE-121
CWE-190
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		Amazon Linux AMI
Operating systems & Components / Operating system

libtiff
Operating systems & Components / Operating system package or component

Vendor Amazon Web Services

Security Bulletin

This security bulletin contains information about 20 vulnerabilities.

1) NULL pointer dereference

EUVDB-ID: #VU63326

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-0561

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the memcpy() function within TIFFFetchStripThing() in tif_dirread.c. A remote attacker can trick victim to open specially crafted TIFF file and perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    libtiff-tools-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-debugsource-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-static-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-devel-4.4.0-4.amzn2023.0.3.aarch64

src:
    libtiff-4.4.0-4.amzn2023.0.3.src

x86_64:
    libtiff-debugsource-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-static-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-tools-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-devel-4.4.0-4.amzn2023.0.3.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

libtiff: before 4.4.0-4

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-050.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) NULL pointer dereference

EUVDB-ID: #VU63328

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-0562

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the memcpy() function within TIFFReadDirectory() in tif_dirread.c. A remote attacker can trick victim to open specially crafted TIFF file and perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    libtiff-tools-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-debugsource-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-static-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-devel-4.4.0-4.amzn2023.0.3.aarch64

src:
    libtiff-4.4.0-4.amzn2023.0.3.src

x86_64:
    libtiff-debugsource-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-static-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-tools-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-devel-4.4.0-4.amzn2023.0.3.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

libtiff: before 4.4.0-4

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-050.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Reachable Assertion

EUVDB-ID: #VU63332

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-0865

CWE-ID: CWE-617 - Reachable Assertion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a reachable assertion in the tiffcp component. A remote attacker can trick a victim to open a specially crafted TIFF file and perform a denial of service attack.

Mitigation

Update the affected packages:

aarch64:
    libtiff-tools-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-debugsource-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-static-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-devel-4.4.0-4.amzn2023.0.3.aarch64

src:
    libtiff-4.4.0-4.amzn2023.0.3.src

x86_64:
    libtiff-debugsource-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-static-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-tools-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-devel-4.4.0-4.amzn2023.0.3.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

libtiff: before 4.4.0-4

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-050.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Out-of-bounds write

EUVDB-ID: #VU63329

Risk: Medium

CVSSv3.1: 6.2 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-0891

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing TIFF file in ExtractImageSection() function in tiffcrop.c. A remote attacker can create a specially crafted TIFF file, trick the victim into opening it using the affected software, trigger out-of-bounds write and execute arbitrary code on the target system.

Mitigation

Update the affected packages:

aarch64:
    libtiff-tools-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-debugsource-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-static-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-devel-4.4.0-4.amzn2023.0.3.aarch64

src:
    libtiff-4.4.0-4.amzn2023.0.3.src

x86_64:
    libtiff-debugsource-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-static-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-tools-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-devel-4.4.0-4.amzn2023.0.3.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

libtiff: before 4.4.0-4

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-050.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) NULL pointer dereference

EUVDB-ID: #VU63794

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-0907

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in tiffcrop in libtiff. A remote attacker can trigger denial of service conditions via a crafted tiff file.

Mitigation

Update the affected packages:

aarch64:
    libtiff-tools-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-debugsource-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-static-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-devel-4.4.0-4.amzn2023.0.3.aarch64

src:
    libtiff-4.4.0-4.amzn2023.0.3.src

x86_64:
    libtiff-debugsource-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-static-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-tools-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-devel-4.4.0-4.amzn2023.0.3.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

libtiff: before 4.4.0-4

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-050.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) NULL pointer dereference

EUVDB-ID: #VU63374

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-0908

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the memcpy() function within TIFFFetchNormalTag () in tif_dirread.c. A remote attacker can pass specially crafted TIFF file to the application and perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    libtiff-tools-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-debugsource-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-static-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-devel-4.4.0-4.amzn2023.0.3.aarch64

src:
    libtiff-4.4.0-4.amzn2023.0.3.src

x86_64:
    libtiff-debugsource-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-static-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-tools-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-devel-4.4.0-4.amzn2023.0.3.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

libtiff: before 4.4.0-4

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-050.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Division by zero

EUVDB-ID: #VU63376

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-0909

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service attack.

The vulnerability exists due to a division by zero error in the tiffcrop component. A remote attacker can pass a specially crafted TIFF file to the application and crash it.

Mitigation

Update the affected packages:

aarch64:
    libtiff-tools-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-debugsource-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-static-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-devel-4.4.0-4.amzn2023.0.3.aarch64

src:
    libtiff-4.4.0-4.amzn2023.0.3.src

x86_64:
    libtiff-debugsource-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-static-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-tools-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-devel-4.4.0-4.amzn2023.0.3.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

libtiff: before 4.4.0-4

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-050.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Out-of-bounds read

EUVDB-ID: #VU63378

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-0924

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial-of-service attack.

The vulnerability exists due to a boundary condition. A remote attacker can create a specially crafted TIFF file, trick the victim into opening it, trigger out-of-bounds read error and perform a denial-of-service attack.

Mitigation

Update the affected packages:

aarch64:
    libtiff-tools-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-debugsource-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-static-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-devel-4.4.0-4.amzn2023.0.3.aarch64

src:
    libtiff-4.4.0-4.amzn2023.0.3.src

x86_64:
    libtiff-debugsource-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-static-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-tools-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-devel-4.4.0-4.amzn2023.0.3.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

libtiff: before 4.4.0-4

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-050.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Out-of-bounds read

EUVDB-ID: #VU63379

Risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-1056

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial-of-service attack.

The vulnerability exists due to a boundary condition in the tiffcrop component. A remote attacker can create a specially crafted TIFF file, trick the victim into opening it, trigger out-of-bounds read error and perform a denial-of-service attack.

Mitigation

Update the affected packages:

aarch64:
    libtiff-tools-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-debugsource-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-static-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-devel-4.4.0-4.amzn2023.0.3.aarch64

src:
    libtiff-4.4.0-4.amzn2023.0.3.src

x86_64:
    libtiff-debugsource-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-static-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-tools-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-devel-4.4.0-4.amzn2023.0.3.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

libtiff: before 4.4.0-4

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-050.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Heap-based buffer overflow

EUVDB-ID: #VU67498

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-1354

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the TIFFReadRawDataStriped() function in tiffinfo.c. A remote attacker can pass specially crafted TIFF file to the application that is using the affected library, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Update the affected packages:

aarch64:
    libtiff-tools-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-debugsource-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-static-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-devel-4.4.0-4.amzn2023.0.3.aarch64

src:
    libtiff-4.4.0-4.amzn2023.0.3.src

x86_64:
    libtiff-debugsource-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-static-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-tools-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-devel-4.4.0-4.amzn2023.0.3.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

libtiff: before 4.4.0-4

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-050.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Buffer overflow

EUVDB-ID: #VU67497

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-1355

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within tiffcp.c when processing TIFF files. A remote attacker can pass specially crafted TIFF file to the application that is using the affected library, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Update the affected packages:

aarch64:
    libtiff-tools-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-debugsource-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-static-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-devel-4.4.0-4.amzn2023.0.3.aarch64

src:
    libtiff-4.4.0-4.amzn2023.0.3.src

x86_64:
    libtiff-debugsource-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-static-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-tools-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-devel-4.4.0-4.amzn2023.0.3.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

libtiff: before 4.4.0-4

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-050.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Out-of-bounds read

EUVDB-ID: #VU63826

Risk: Medium

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-1622

CWE-ID: N/A

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service attack.

The vulnerability exists due to a boundary condition in LZWDecode() function in libtiff/tif_lzw.c:619. A remote attacker can create a specially crafted TIFF file, trick the victim into opening it, trigger out-of-bounds read error and to perform a denial of service attack.

Mitigation

Update the affected packages:

aarch64:
    libtiff-tools-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-debugsource-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-static-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-devel-4.4.0-4.amzn2023.0.3.aarch64

src:
    libtiff-4.4.0-4.amzn2023.0.3.src

x86_64:
    libtiff-debugsource-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-static-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-tools-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-devel-4.4.0-4.amzn2023.0.3.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

libtiff: before 4.4.0-4

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-050.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Out-of-bounds read

EUVDB-ID: #VU63824

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-1623

CWE-ID: N/A

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service attack.

The vulnerability exists due to a boundary condition in LZWDecode() function in libtiff/tif_lzw.c:624. A remote attacker can create a specially crafted TIFF file, trick the victim into opening it, trigger out-of-bounds read error and perform a denial of service attack.

Mitigation

Update the affected packages:

aarch64:
    libtiff-tools-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-debugsource-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-static-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-devel-4.4.0-4.amzn2023.0.3.aarch64

src:
    libtiff-4.4.0-4.amzn2023.0.3.src

x86_64:
    libtiff-debugsource-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-static-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-tools-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-devel-4.4.0-4.amzn2023.0.3.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

libtiff: before 4.4.0-4

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-050.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Division by zero

EUVDB-ID: #VU65440

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-2056

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a division by zero error when parsing TIFF files in tiffcrop. A remote attacker can trick the victim to open a specially crafted file and crash the affected application.

Mitigation

Update the affected packages:

aarch64:
    libtiff-tools-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-debugsource-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-static-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-devel-4.4.0-4.amzn2023.0.3.aarch64

src:
    libtiff-4.4.0-4.amzn2023.0.3.src

x86_64:
    libtiff-debugsource-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-static-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-tools-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-devel-4.4.0-4.amzn2023.0.3.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

libtiff: before 4.4.0-4

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-050.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Division by zero

EUVDB-ID: #VU65441

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-2057

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a division by zero error when parsing TIFF files in tiffcrop. A remote attacker can trick the victim to open a specially crafted file and crash the affected application.

Mitigation

Update the affected packages:

aarch64:
    libtiff-tools-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-debugsource-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-static-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-devel-4.4.0-4.amzn2023.0.3.aarch64

src:
    libtiff-4.4.0-4.amzn2023.0.3.src

x86_64:
    libtiff-debugsource-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-static-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-tools-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-devel-4.4.0-4.amzn2023.0.3.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

libtiff: before 4.4.0-4

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-050.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Division by zero

EUVDB-ID: #VU65439

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-2058

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a division by zero error when parsing TIFF files in tiffcrop. A remote attacker can trick the victim to open a specially crafted file and crash the affected application.

Mitigation

Update the affected packages:

aarch64:
    libtiff-tools-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-debugsource-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-static-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-devel-4.4.0-4.amzn2023.0.3.aarch64

src:
    libtiff-4.4.0-4.amzn2023.0.3.src

x86_64:
    libtiff-debugsource-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-static-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-tools-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-devel-4.4.0-4.amzn2023.0.3.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

libtiff: before 4.4.0-4

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-050.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Out-of-bounds read

EUVDB-ID: #VU63795

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-22844

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service attack.

The vulnerability exists due to a boundary condition in the _TIFFmemcpy() function in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field. A remote attacker can pass a specially crafted file and perform a denial of service attack.

Mitigation

Update the affected packages:

aarch64:
    libtiff-tools-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-debugsource-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-static-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-devel-4.4.0-4.amzn2023.0.3.aarch64

src:
    libtiff-4.4.0-4.amzn2023.0.3.src

x86_64:
    libtiff-debugsource-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-static-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-tools-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-devel-4.4.0-4.amzn2023.0.3.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

libtiff: before 4.4.0-4

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-050.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Integer underflow

EUVDB-ID: #VU67138

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-2869

CWE-ID: CWE-191 - Integer underflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer underflow within the extractContigSamples8bits routine in the tiffcrop utility. A remote attacker can pass  a specially crafted file to the affected application, trigger an integer underflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Update the affected packages:

aarch64:
    libtiff-tools-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-debugsource-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-static-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-devel-4.4.0-4.amzn2023.0.3.aarch64

src:
    libtiff-4.4.0-4.amzn2023.0.3.src

x86_64:
    libtiff-debugsource-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-static-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-tools-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-devel-4.4.0-4.amzn2023.0.3.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

libtiff: before 4.4.0-4

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-050.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Stack-based buffer overflow

EUVDB-ID: #VU69403

Risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-34526

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error within the _TIFFVGetField() function in Tiffsplit. A remote attacker can pass specially crafted file to the application, trigger a stack-based buffer overflow and perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    libtiff-tools-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-debugsource-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-static-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-devel-4.4.0-4.amzn2023.0.3.aarch64

src:
    libtiff-4.4.0-4.amzn2023.0.3.src

x86_64:
    libtiff-debugsource-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-static-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-tools-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-devel-4.4.0-4.amzn2023.0.3.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

libtiff: before 4.4.0-4

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-050.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Integer overflow

EUVDB-ID: #VU69585

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-3970

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow within the TIFFReadRGBATileExt() function in libtiff/tif_getimage.c. A remote attacker can trick the victim to open a specially crafted TIFF file, trigger an integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Update the affected packages:

aarch64:
    libtiff-tools-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-debugsource-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-static-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.3.aarch64
    libtiff-devel-4.4.0-4.amzn2023.0.3.aarch64

src:
    libtiff-4.4.0-4.amzn2023.0.3.src

x86_64:
    libtiff-debugsource-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-static-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-tools-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.3.x86_64
    libtiff-devel-4.4.0-4.amzn2023.0.3.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

libtiff: before 4.4.0-4

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-050.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###