First published: Tue Feb 23 2021(Updated: )
A flaw was found in libtiff 4.1.0 and before. Due to a memory allocation failure in tif_read.c, a crafted TIFF file can lead to an abort, resulting in denial of service. This is a different flaw from <a href="https://access.redhat.com/security/cve/CVE-2020-35521">CVE-2020-35521</a> References: <a href="https://gitlab.com/libtiff/libtiff/-/merge_requests/165">https://gitlab.com/libtiff/libtiff/-/merge_requests/165</a> <a href="https://gitlab.com/libtiff/libtiff/-/commit/98a254f5b92cea22f5436555ff7fceb12afee84d">https://gitlab.com/libtiff/libtiff/-/commit/98a254f5b92cea22f5436555ff7fceb12afee84d</a>
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Libtiff Libtiff | <4.2.0 | |
NetApp ONTAP Select Deploy administration utility | ||
Fedoraproject Fedora | =33 | |
Redhat Enterprise Linux | =6.0 | |
Redhat Enterprise Linux | =7.0 | |
Redhat Enterprise Linux | =8.0 | |
redhat/libtiff | <4.2.0 | 4.2.0 |
IBM Cognos Analytics | <=12.0.0-12.0.3 | |
IBM Cognos Analytics | <=11.2.0-11.2.4 FP4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.