diff options
author | Yogita Urade <yogita.urade@windriver.com> | 2024-02-02 08:26:32 +0000 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2024-02-08 10:53:03 +0000 |
commit | 831d7a2fffb3dec94571289292f0940bc7ecd70a (patch) | |
tree | 9741cf72a29eb0be2a0940827ff7673e2462a630 /LICENSE.GPL-2.0-only | |
parent | e6a8ca554509c0edf9fd36ced88165dc3caf0e87 (diff) | |
download | openembedded-core-831d7a2fffb3dec94571289292f0940bc7ecd70a.tar.gz |
tiff: fix CVE-2023-52355 and CVE-2023-52356
CVE-2023-52355:
An out-of-memory flaw was found in libtiff that could be
triggered by passing a crafted tiff file to the
TIFFRasterScanlineSize64() API. This flaw allows a remote
attacker to cause a denial of service via a crafted input
with a size smaller than 379 KB.
Issue fixed by providing a documentation update.
CVE-2023-52356:
A segment fault (SEGV) flaw was found in libtiff that could
be triggered by passing a crafted tiff file to the
TIFFReadRGBATileExt() API. This flaw allows a remote attacker
to cause a heap-buffer overflow, leading to a denial of service.
References:
https://nvd.nist.gov/vuln/detail/CVE-2023-52355
https://security-tracker.debian.org/tracker/CVE-2023-52355
https://gitlab.com/libtiff/libtiff/-/issues/621
https://gitlab.com/libtiff/libtiff/-/merge_requests/553
https://nvd.nist.gov/vuln/detail/CVE-2023-52356
https://gitlab.com/libtiff/libtiff/-/issues/622
https://gitlab.com/libtiff/libtiff/-/merge_requests/546
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'LICENSE.GPL-2.0-only')
0 files changed, 0 insertions, 0 deletions