Amazon Linux AMI update for libtiff

1) Out-of-bounds read

EUVDB-ID: #VU72591

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-0795

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition within the tiffcrop() function in tools/tiffcrop.c. A remote attacker can pass a specially crafted TIFF file to the application, trigger an out-of-bounds read error and perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    libtiff-debuginfo-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-tools-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-static-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-debugsource-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-devel-4.4.0-4.amzn2023.0.6.aarch64

src:
    libtiff-4.4.0-4.amzn2023.0.6.src

x86_64:
    libtiff-debugsource-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-static-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-tools-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-devel-4.4.0-4.amzn2023.0.6.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

libtiff: before 4.4.0-4

CPE2.3

External links

https://alas.aws.amazon.com/AL2023/ALAS-2023-255.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Out-of-bounds read

EUVDB-ID: #VU72592

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-0796

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition within the tiffcrop() function in tools/tiffcrop.c. A remote attacker can pass a specially crafted TIFF file to the application, trigger an out-of-bounds read error and perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    libtiff-debuginfo-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-tools-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-static-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-debugsource-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-devel-4.4.0-4.amzn2023.0.6.aarch64

src:
    libtiff-4.4.0-4.amzn2023.0.6.src

x86_64:
    libtiff-debugsource-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-static-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-tools-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-devel-4.4.0-4.amzn2023.0.6.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

libtiff: before 4.4.0-4

CPE2.3

External links

https://alas.aws.amazon.com/AL2023/ALAS-2023-255.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Out-of-bounds read

EUVDB-ID: #VU72593

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-0797

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition within the tiffcrop() function in tools/tiffcrop.c. A remote attacker can pass a specially crafted TIFF file to the application, trigger an out-of-bounds read error and perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    libtiff-debuginfo-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-tools-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-static-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-debugsource-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-devel-4.4.0-4.amzn2023.0.6.aarch64

src:
    libtiff-4.4.0-4.amzn2023.0.6.src

x86_64:
    libtiff-debugsource-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-static-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-tools-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-devel-4.4.0-4.amzn2023.0.6.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

libtiff: before 4.4.0-4

CPE2.3

External links

https://alas.aws.amazon.com/AL2023/ALAS-2023-255.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Out-of-bounds read

EUVDB-ID: #VU72594

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-0798

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition within the tiffcrop() function in tools/tiffcrop.c. A remote attacker can pass a specially crafted TIFF file to the application, trigger an out-of-bounds read error and perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    libtiff-debuginfo-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-tools-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-static-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-debugsource-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-devel-4.4.0-4.amzn2023.0.6.aarch64

src:
    libtiff-4.4.0-4.amzn2023.0.6.src

x86_64:
    libtiff-debugsource-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-static-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-tools-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-devel-4.4.0-4.amzn2023.0.6.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

libtiff: before 4.4.0-4

CPE2.3

External links

https://alas.aws.amazon.com/AL2023/ALAS-2023-255.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Out-of-bounds read

EUVDB-ID: #VU72595

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-0799

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition within the tiffcrop() function in tools/tiffcrop.c. A remote attacker can pass a specially crafted TIFF file to the application, trigger an out-of-bounds read error and perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    libtiff-debuginfo-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-tools-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-static-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-debugsource-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-devel-4.4.0-4.amzn2023.0.6.aarch64

src:
    libtiff-4.4.0-4.amzn2023.0.6.src

x86_64:
    libtiff-debugsource-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-static-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-tools-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-devel-4.4.0-4.amzn2023.0.6.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

libtiff: before 4.4.0-4

CPE2.3

External links

https://alas.aws.amazon.com/AL2023/ALAS-2023-255.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Out-of-bounds read

EUVDB-ID: #VU72598

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-0802

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition within the tiffcrop() function in tools/tiffcrop.c. A remote attacker can pass a specially crafted TIFF file to the application, trigger an out-of-bounds read error and perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    libtiff-debuginfo-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-tools-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-static-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-debugsource-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-devel-4.4.0-4.amzn2023.0.6.aarch64

src:
    libtiff-4.4.0-4.amzn2023.0.6.src

x86_64:
    libtiff-debugsource-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-static-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-tools-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-devel-4.4.0-4.amzn2023.0.6.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

libtiff: before 4.4.0-4

CPE2.3

External links

https://alas.aws.amazon.com/AL2023/ALAS-2023-255.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Out-of-bounds write

EUVDB-ID: #VU72600

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-0803

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error within the tiffcrop() function in tools/tiffcrop.c. A remote attacker can pass a specially crafted TIFF file to the application, trigger an out-of-bounds write and perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    libtiff-debuginfo-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-tools-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-static-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-debugsource-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-devel-4.4.0-4.amzn2023.0.6.aarch64

src:
    libtiff-4.4.0-4.amzn2023.0.6.src

x86_64:
    libtiff-debugsource-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-static-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-tools-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-devel-4.4.0-4.amzn2023.0.6.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

libtiff: before 4.4.0-4

CPE2.3

External links

https://alas.aws.amazon.com/AL2023/ALAS-2023-255.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Buffer overflow

EUVDB-ID: #VU79328

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-25434

CWE-ID: CWE-120 - Buffer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the system.

The vulnerability exists due to buffer overflow in the extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c:3215. A remote unauthenticated attacker can trick the victim into opening a specially crafted file and execute arbitrary code on the system.

Mitigation

Update the affected packages:

aarch64:
    libtiff-debuginfo-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-tools-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-static-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-debugsource-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-devel-4.4.0-4.amzn2023.0.6.aarch64

src:
    libtiff-4.4.0-4.amzn2023.0.6.src

x86_64:
    libtiff-debugsource-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-static-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-tools-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-devel-4.4.0-4.amzn2023.0.6.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

libtiff: before 4.4.0-4

CPE2.3

External links

https://alas.aws.amazon.com/AL2023/ALAS-2023-255.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Buffer overflow

EUVDB-ID: #VU79329

Risk: Low

CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-25435

CWE-ID: CWE-120 - Buffer overflow

Exploit availability: No

Description

The vulnerability allows a local attacker to perform a denial of service attack.

The vulnerability exists due to buffer overflow in the extractContigSamplesShifted8bits() at /libtiff/tools/tiffcrop.c:3753. A local unauthenticated attacker can trick the victim into opening a specially crafted file and perform a denial of service attack.

Mitigation

Update the affected packages:

aarch64:
    libtiff-debuginfo-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-tools-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-static-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-debugsource-4.4.0-4.amzn2023.0.6.aarch64
    libtiff-devel-4.4.0-4.amzn2023.0.6.aarch64

src:
    libtiff-4.4.0-4.amzn2023.0.6.src

x86_64:
    libtiff-debugsource-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-static-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-tools-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.6.x86_64
    libtiff-devel-4.4.0-4.amzn2023.0.6.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

libtiff: before 4.4.0-4

CPE2.3

External links

https://alas.aws.amazon.com/AL2023/ALAS-2023-255.html

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Risk	High
Patch available	YES
Number of vulnerabilities	9
CVE-ID	CVE-2023-0795 CVE-2023-0796 CVE-2023-0797 CVE-2023-0798 CVE-2023-0799 CVE-2023-0802 CVE-2023-0803 CVE-2023-25434 CVE-2023-25435
CWE-ID	CWE-125 CWE-787 CWE-120
Exploitation vector	Network
Public exploit	N/A
Vulnerable software	Amazon Linux AMI Operating systems & Components / Operating system libtiff Operating systems & Components / Operating system package or component
Vendor	Amazon Web Services