ALAS2023-2023-364

LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit cfbb883b. (CVE-2022-3598)

processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow (e.g., "WRITE of size 307203") via a crafted TIFF image. (CVE-2022-48281)

A vulnerability was found in libtiff library. This security flaw causes a heap buffer overflow in extractContigSamples32bits, tiffcrop.c (CVE-2023-30775)

Multiple potential integer overflow in tiffcp.c in libtiff <= 4.5.1 can allow remote attackers to cause a denial of service (application crash) or possibly execute an arbitrary code via a crafted tiff image which triggers a heap-based buffer overflow. (CVE-2023-40745)

Multiple potential integer overflow in raw2tiff.c in libtiff <= 4.5.1 can allow remote attackers to cause a denial of service (application crash) or possibly execute an arbitrary code via a crafted tiff image which triggers a heap-based buffer overflow. (CVE-2023-41175)

aarch64:
    libtiff-debuginfo-4.4.0-4.amzn2023.0.16.aarch64
    libtiff-debugsource-4.4.0-4.amzn2023.0.16.aarch64
    libtiff-tools-4.4.0-4.amzn2023.0.16.aarch64
    libtiff-static-4.4.0-4.amzn2023.0.16.aarch64
    libtiff-4.4.0-4.amzn2023.0.16.aarch64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.16.aarch64
    libtiff-devel-4.4.0-4.amzn2023.0.16.aarch64

src:
    libtiff-4.4.0-4.amzn2023.0.16.src

x86_64:
    libtiff-debugsource-4.4.0-4.amzn2023.0.16.x86_64
    libtiff-static-4.4.0-4.amzn2023.0.16.x86_64
    libtiff-4.4.0-4.amzn2023.0.16.x86_64
    libtiff-debuginfo-4.4.0-4.amzn2023.0.16.x86_64
    libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.16.x86_64
    libtiff-tools-4.4.0-4.amzn2023.0.16.x86_64
    libtiff-devel-4.4.0-4.amzn2023.0.16.x86_64