First published: Fri Nov 24 2023(Updated: )
A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service.
Credit: secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple macOS Sonoma | <14.6 | 14.6 |
Apple visionOS | <1.3 | 1.3 |
Apple macOS Ventura | <13.6.8 | 13.6.8 |
Apple watchOS | <10.6 | 10.6 |
Apple macOS Monterey | <12.7.6 | 12.7.6 |
Apple tvOS | <17.6 | 17.6 |
Apple iOS | <17.6 | 17.6 |
Apple iPadOS | <17.6 | 17.6 |
Apple iOS | <16.7.9 | 16.7.9 |
Apple iPadOS | <16.7.9 | 16.7.9 |
Libtiff Libtiff | ||
Redhat Enterprise Linux | =8.0 | |
Redhat Enterprise Linux | =9.0 | |
debian/tiff | <=4.2.0-1+deb11u5<=4.5.0-6+deb12u1 | 4.5.1+git230720-5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)
(Found alongside the following vulnerabilities)