Amazon Linux 2023 Security Advisory: ALAS-2023-050
Advisory Release Date: 2023-02-17 20:45 Pacific
Advisory Updated Date: 2023-02-22 23:39 Pacific
FAQs regarding Amazon Linux ALAS/CVE Severity
A flaw was found in libtiff where a NULL source pointer passed as an argument to the memcpy() function within the TIFFFetchStripThing() in tif_dirread.c. This flaw allows an attacker with a crafted TIFF file to exploit this flaw, causing a crash and leading to a denial of service. (CVE-2022-0561)
A flaw was found in libtiff where a NULL source pointer passed as an argument to the memcpy() function within the TIFFReadDirectory() in tif_dirread.c. This flaw allows an attacker to exploit this vulnerability via a crafted TIFF file, causing a crash and leading to a denial of service. (CVE-2022-0562)
A reachable assertion failure was found in libtiff's JBIG functionality. This flaw allows an attacker who can submit a crafted file to an application linked with libtiff and using the JBIG functionality, causes a crash via an assertion failure, leading to a denial of service. The exact mechanism and conditions around this issue are dependent on how the application uses libtiff. (CVE-2022-0865)
A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact (CVE-2022-0891)
A NULL pointer dereference flaw was found in Libtiff. This flaw allows an attacker with a crafted TIFF file to cause a crash that leads to a denial of service. (CVE-2022-0907)
A flaw was found in LibTIFF where a NULL source pointer passed as an argument to the memcpy() function within the TIFFFetchNormalTag() in tif_dirread.c. This flaw allows an attacker with a crafted TIFF file to cause a crash that leads to a denial of service. (CVE-2022-0908)
A floating-point exception (FPE) flaw was found in LibTIFF's computeOutputPixelOffsets() function in tiffcrop.c file. This flaw allows an attacker with a crafted TIFF file to trigger a divide-by-zero error, causing a crash that leads to a denial of service. (CVE-2022-0909)
A heap buffer overflow flaw was found in Libtiffs' cpContigBufToSeparateBuf() function of the tiffcp.c file. This flaw allows an attacker with a crafted TIFF file to trigger a heap out-of-bounds read access issue, causing a crash that leads to a denial of service. (CVE-2022-0924)
Out-of-bounds Read error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 46dc8fcd. (CVE-2022-1056)
A heap buffer overflow flaw was found in Libtiffs' tiffinfo.c in TIFFReadRawDataStriped() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffinfo tool, triggering a heap buffer overflow issue and causing a crash that leads to a denial of service. (CVE-2022-1354)
A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffcp tool, triggering a stack buffer overflow issue, possibly corrupting the memory, and causing a crash that leads to a denial of service. (CVE-2022-1355)
An out-of-bounds read vulnerability was found in Libtiff's LZWDecode() function in libtiff/tif_lzw.c. This flaw allows an attacker to perform a denial-of-service attack via a crafted tiff file, leading to the application crashing. (CVE-2022-1622)
An out-of-bounds read vulnerability was found in Libtiff's LZWDecode() function in libtiff/tif_lzw.c. This flaw allows an attacker to perform a denial-of-service attack via a crafted tiff file, leading to the application crashing. (CVE-2022-1623)
A divide-by-zero vulnerability was found in libtiff. This flaw allows an attacker to cause a denial of service via a crafted tiff file. (CVE-2022-2056)
A divide-by-zero vulnerability was found in libtiff. This flaw allows an attacker to cause a denial of service via a crafted tiff file. (CVE-2022-2057)
A divide-by-zero vulnerability was found in libtiff. This flaw allows an attacker to cause a denial of service via a crafted tiff file. (CVE-2022-2058)
A buffer overflow vulnerability was found in libtiff. This flaw allows an attacker with network access to pass specially crafted files, causing an application to halt or crash. The root cause of this issue was from the memcpy function in tif_unix.c. (CVE-2022-22844)
A flaw was found in libtiff's tiffcrop tool that has a uint32_t underflow, which leads to an out-of-bounds read and write in the extractContigSamples8bits routine. This flaw allows an attacker who supplies a crafted file to tiffcrop to trick a user into opening the crafted file with tiffcrop, causing a crash or potential further exploitations. (CVE-2022-2869)
A stack overflow flaw was found in the _TIFFVGetField function of Tiffsplit. This vulnerability allows attackers to cause a denial of service (DoS) via a crafted TIFF file. (CVE-2022-34526)
A vulnerability was found in LibTIFF. It has been classified as critical. This affects the function TIFFReadRGBATileExt of the file libtiff/tif_getimage.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 227500897dfb07fb7d27f7aa570050e62617e3be. It is recommended to apply a patch to fix this issue. The identifier VDB-213549 was assigned to this vulnerability. (CVE-2022-3970)
Affected Packages:
libtiff
Issue Correction:
Run dnf update libtiff --releasever=2023.0.20230222 to update your system.
aarch64:
libtiff-tools-4.4.0-4.amzn2023.0.3.aarch64
libtiff-debugsource-4.4.0-4.amzn2023.0.3.aarch64
libtiff-static-4.4.0-4.amzn2023.0.3.aarch64
libtiff-debuginfo-4.4.0-4.amzn2023.0.3.aarch64
libtiff-4.4.0-4.amzn2023.0.3.aarch64
libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.3.aarch64
libtiff-devel-4.4.0-4.amzn2023.0.3.aarch64
src:
libtiff-4.4.0-4.amzn2023.0.3.src
x86_64:
libtiff-debugsource-4.4.0-4.amzn2023.0.3.x86_64
libtiff-4.4.0-4.amzn2023.0.3.x86_64
libtiff-static-4.4.0-4.amzn2023.0.3.x86_64
libtiff-debuginfo-4.4.0-4.amzn2023.0.3.x86_64
libtiff-tools-4.4.0-4.amzn2023.0.3.x86_64
libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.3.x86_64
libtiff-devel-4.4.0-4.amzn2023.0.3.x86_64