CVE-2023-6277: Libtiff: out-of-memory in tiffopen via a craft file
First published: Fri Nov 24 2023(Updated: )
Accounts. The issue was addressed with improved checks.
Credit: CVE-2023-6277 CVE-2023-52356 Mickey Jin @patch1t D4m0n w0wbox Csaba Fitzl @theevilbit KandjiYisumi Junsung Lee Trend Micro Zero Day Initiative CrowdStrike Counter Adversary OperationsAmir Bazine CrowdStrike Counter Adversary OperationsKarsten König CrowdStrike Counter Adversary OperationsGandalf4a CertiK SkyFall Team Minghao Lin Zhejiang UniversityJiaxun Zhu Zhejiang UniversityCVE-2024-40805 Wojciech Regula SecuRingZhongquan Li @Guluisacat Dawn Security Lab of JingDongHuang Xilin Ant Group LightMaksymilian Motyl Johan Carlsson (joaxcar) Seunghyun Lee @0x10n KAIST Hacking Lab working with Trend Micro Zero Day InitiativeGary Kwong Andreas Jaegersberger Ro Achterberg Jacob Braun an anonymous researcher Kirin @Pwnrin Bistrit Dahal Srijan Poudel Abhay Kailasia @abhay_kailasia Lakshmi Narain College of Technology Bhopal IndiaMinghao Lin Baidu Security Baidu SecurityYe Zhang @VAR10CK Baidu SecurityMichael DePlante @izobashi Trend Micro Zero Day InitiativeCVE-2024-2004 CVE-2024-2379 CVE-2024-2398 CVE-2024-2466 sqrtpwn Patrick Wardle DoubleYouAdam M. CVE-2024-6387 Claudio Bozzato Cisco TalosFrancesco Benvenuto Cisco TalosCVE-2024-23296 Yadhu Krishna M Cyber Security At Suma Soft PvtNarendra Bhati Cyber Security At Suma Soft PvtManager Cyber Security At Suma Soft PvtPune (India) Joshua Jones Marcio Almeida Tanto SecurityJiahui Hu (梅零落) NorthSeaMeng Zhang (鲸落) NorthSeaMatthew Loewen Yann Gascuel Alter SolutionsRodolphe BRUNETTI @eisw0lf Mickey Jin @patch1t Kandji KandjiMateen Alinaghi Csaba Fitzl @theevilbit Offensive Security Dawn Security Lab of JingDongJiwon Park Arsenii Kostromin (0x3c3e) CVE-2024-4558 Matthew Butler IES Red Team ByteDanceYeto Pr BarPr Hebrew University EP Hanqiu Wang University of FloridaZihao Zhan Texas Tech UniversityHaoqi Shan CertikSiqi Dai University of FloridaMax Panoff University of Florida University of FloridaShuo Wang University of FloridaMinghao Lin Meysam Firouzi @R00tkitSMM secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple macOS Monterey | <12.7.6 | 12.7.6 |
| debian/tiff | <=4.2.0-1+deb11u5<=4.5.0-6+deb12u1 | 4.5.1+git230720-5 |
| IBM Cognos Analytics | <=12.0.0-12.0.3 | |
| IBM Cognos Analytics | <=11.2.0-11.2.4 FP4 | |
| Apple macOS | <14.6 | 14.6 |
| Apple macOS | <13.6.8 | 13.6.8 |
| All of | ||
| Any of | ||
| Red Hat Enterprise Linux | =6.0 | |
| Red Hat Enterprise Linux | =7.0 | |
| Red Hat Enterprise Linux | =8.0 | |
| Red Hat Enterprise Linux | =9.0 | |
| libtiff | ||
| Fedoraproject Fedora | =38 | |
| tvOS | <17.6 | 17.6 |
| Apple iOS, iPadOS, and watchOS | <16.7.9 | 16.7.9 |
| Apple iOS, iPadOS, and watchOS | <16.7.9 | 16.7.9 |
| Apple iOS, iPadOS, and watchOS | <17.6 | 17.6 |
| Apple iOS, iPadOS, and watchOS | <17.6 | 17.6 |
| Apple iOS, iPadOS, and watchOS | <10.6 | 10.6 |
| visionOS | <1.3 | 1.3 |
| Fedora | =38 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.redhat.com/show_bug.cgi?id=2251311
- https://access.redhat.com/security/cve/CVE-2023-6277
- https://gitlab.com/libtiff/libtiff/-/issues/614
- https://gitlab.com/libtiff/libtiff/-/merge_requests/545
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y7ZGN2MZXJ6E57W3L4YBM3ZPAU3T7T5C/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WJIN6DTSL3VODZUGWEUXLEL5DR53EZMV/
- https://security.netapp.com/advisory/ntap-20240119-0002/
- https://launchpad.net/bugs/cve/CVE-2023-6277
- https://gitlab.com/libtiff/libtiff/-/commit/d6bbe53a96b031ab8b53d20241825ddf9e8bf8f1
- https://gitlab.com/libtiff/libtiff/-/commit/264a28eff71cf0038ba7b235238512fa594fa42f
- https://gitlab.com/libtiff/libtiff/-/commit/abb4476fd2be87fc8ded3078e019f22f84ee0e8c
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2251315
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2251313
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2251314
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2251316
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2251319
- https://support.apple.com/en-us/HT214123 (Advisory)
- https://support.apple.com/en-us/HT214118 (Advisory)
- https://support.apple.com/en-us/HT214117 (Advisory)
- https://support.apple.com/en-us/HT214116 (Advisory)
- https://gitlab.com/libtiff/libtiff/-/commit/5320c9d89c054fa805d037d84c57da874470b01a
- https://bugs.debian.org/1057270
- https://security-tracker.debian.org/tracker/CVE-2023-6277
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6277
- https://nvd.nist.gov/vuln/detail/CVE-2023-6277
- https://ubuntu.com/security/CVE-2023-6277
- https://www.ibm.com/support/pages/node/7177223 (Advisory)
- https://support.apple.com/en-us/HT214119 (Advisory)
- https://support.apple.com/en-us/HT214120 (Advisory)
- https://support.apple.com/en-us/120914 (Advisory)
- https://support.apple.com/en-us/120916 (Advisory)
- https://support.apple.com/en-us/120910 (Advisory)
- https://support.apple.com/en-us/120911 (Advisory)
- https://support.apple.com/en-us/120909 (Advisory)
- https://support.apple.com/en-us/120908 (Advisory)
- https://support.apple.com/en-us/120912 (Advisory)
- https://support.apple.com/en-us/120915 (Advisory)
- https://support.apple.com/kb/HT214118
- https://support.apple.com/en-us/HT214124 (Advisory)
- https://support.apple.com/en-us/HT214122 (Advisory)
- https://support.apple.com/kb/HT214119
Parent vulnerabilities
(Appears in the following advisories)
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2024-40783
- CVE-2024-27826
- CVE-2024-40775
- CVE-2024-40774
- CVE-2024-27877
- CVE-2024-40799
- CVE-2024-27873
- CVE-2024-2004
- CVE-2024-2379
- CVE-2024-2398
- CVE-2024-2466
- CVE-2024-40827
- CVE-2024-40828
- CVE-2023-6277
- CVE-2023-52356
- CVE-2024-40806
- CVE-2024-40816
- CVE-2024-40788
- CVE-2024-40803
- CVE-2024-40796
- CVE-2024-6387
- CVE-2024-40781
- CVE-2024-40802
- CVE-2024-40823
- CVE-2024-27882
- CVE-2024-27883
- CVE-2024-40800
- CVE-2024-23296
- CVE-2024-40817
- CVE-2024-27881
- CVE-2024-40821
- CVE-2024-40798
- CVE-2024-40833
- CVE-2024-40835
- CVE-2024-40807
- CVE-2024-40834
- CVE-2024-40787
- CVE-2024-40793
- CVE-2024-40809
- CVE-2024-40812
- CVE-2024-23261
- CVE-2024-40804
- CVE-2023-38709
- CVE-2024-24795
- CVE-2024-27316
- CVE-2024-40814
- CVE-2024-27878
- CVE-2024-40815
- CVE-2024-40795
- CVE-2024-40777
- CVE-2024-40784
- CVE-2024-27863
- CVE-2024-40805
- CVE-2024-40832
- CVE-2024-40778
- CVE-2023-27952
- CVE-2024-40824
- CVE-2024-27871
- CVE-2024-27872
- CVE-2024-27862
- CVE-2024-40836
- CVE-2024-40818
- CVE-2024-40822
- CVE-2024-40811
- CVE-2024-40776
- CVE-2024-40782
- CVE-2024-40779
- CVE-2024-40780
- CVE-2024-40785
- CVE-2024-40789
- CVE-2024-4558
- CVE-2024-40794
- CVE-2024-40786
- CVE-2024-40829
- CVE-2024-44306
- CVE-2024-44307
- CVE-2024-44141
- CVE-2024-40810
- CVE-2024-44205
- CVE-2024-44185
- CVE-2024-44206
- CVE-2024-40813
- CVE-2024-27804
- CVE-2024-27823
- CVE-2024-40865
Frequently Asked Questions
What is CVE-2023-6277?
CVE-2023-6277 is a vulnerability in the libtiff library that allows a remote attacker to cause a denial of service by exploiting an out-of-memory flaw in the TIFFOpen() API.
What is the severity of CVE-2023-6277?
The severity of CVE-2023-6277 is high with a CVSS score of 7.5.
How does CVE-2023-6277 impact libtiff?
CVE-2023-6277 impacts libtiff by allowing a remote attacker to cause a denial of service by exploiting an out-of-memory flaw in the TIFFOpen() API.
How can I fix CVE-2023-6277?
To fix CVE-2023-6277, you should update to the latest version of libtiff where the vulnerability has been patched.
Where can I find more information about CVE-2023-6277?
You can find more information about CVE-2023-6277 at the following references: [Red Hat CVE Page](https://access.redhat.com/security/cve/CVE-2023-6277), [Red Hat Bugzilla](https://bugzilla.redhat.com/show_bug.cgi?id=2251311), and [libtiff GitLab Issues](https://gitlab.com/libtiff/libtiff/-/issues/614).
- agent/type
- agent/title
- agent/severity
- collector/epss-latest
- source/FIRST
- agent/epss
- agent/remedy
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2023-6277
- collector/apple-support
- source/Apple
- alias/CVE-2023-52356
- agent/software-canonical-lookup
- collector/security-tracker-debian
- source/Debian
- collector/usn-cve
- source/Ubuntu
- collector/ibm-support
- source/IBM
- agent/trending
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/software-canonical-lookup-request
- alias/CVE-2024-2004
- alias/CVE-2024-2379
- alias/CVE-2024-2398
- alias/CVE-2024-2466
- alias/CVE-2024-40827
- alias/CVE-2024-44141
- alias/CVE-2024-40815
- alias/CVE-2024-40795
- alias/CVE-2024-40806
- alias/CVE-2024-40777
- alias/CVE-2024-40784
- alias/CVE-2024-40810
- alias/CVE-2024-27863
- alias/CVE-2024-40816
- alias/CVE-2024-40788
- alias/CVE-2024-40803
- alias/CVE-2024-40805
- alias/CVE-2024-40832
- alias/CVE-2024-40796
- alias/CVE-2024-6387
- alias/CVE-2024-40781
- alias/CVE-2024-40802
- alias/CVE-2024-40823
- alias/CVE-2024-27882
- alias/CVE-2024-27883
- alias/CVE-2024-40778
- alias/CVE-2024-40800
- alias/CVE-2023-27952
- alias/CVE-2024-40817
- alias/CVE-2024-40824
- alias/CVE-2024-27871
- alias/CVE-2024-27881
- alias/CVE-2024-40821
- alias/CVE-2024-40798
- alias/CVE-2024-27872
- alias/CVE-2024-27862
- alias/CVE-2024-40833
- alias/CVE-2024-40835
- alias/CVE-2024-40836
- alias/CVE-2024-40807
- alias/CVE-2024-40834
- alias/CVE-2024-40809
- alias/CVE-2024-40812
- alias/CVE-2024-40787
- alias/CVE-2024-40793
- alias/CVE-2024-40818
- alias/CVE-2024-40822
- alias/CVE-2024-44205
- alias/CVE-2024-40828
- alias/CVE-2024-40811
- alias/CVE-2024-40776
- alias/CVE-2024-40782
- alias/CVE-2024-40779
- alias/CVE-2024-40780
- alias/CVE-2024-40785
- alias/CVE-2024-40789
- alias/CVE-2024-4558
- alias/CVE-2024-40794
- alias/CVE-2024-44185
- alias/CVE-2024-44206
- alias/CVE-2024-27873
- alias/CVE-2023-38709
- alias/CVE-2024-24795
- alias/CVE-2024-27316
- alias/CVE-2024-40783
- alias/CVE-2024-40774
- alias/CVE-2024-40814
- alias/CVE-2024-40775
- alias/CVE-2024-27877
- alias/CVE-2024-27878
- alias/CVE-2024-44306
- alias/CVE-2024-44307
- alias/CVE-2024-40799
- alias/CVE-2024-40786
- alias/CVE-2024-23261
- alias/CVE-2024-40829
- alias/CVE-2024-27826
- collector/nvd-cve
- source/NVD
- agent/event
- alias/CVE-2024-23296
- agent/references
- agent/author
- agent/weakness
- agent/description
- alias/CVE-2024-40813
- alias/CVE-2024-27804
- alias/CVE-2024-27823
- alias/CVE-2024-40865
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- vendor/apple
- canonical/apple macos monterey
- package-manager/debian
- vendor/ibm
- canonical/ibm cognos analytics
- version/ibm cognos analytics/12.0.0-12.0.3
- version/ibm cognos analytics/11.2.0-11.2.4 fp4
- canonical/apple macos
- vendor/redhat
- canonical/red hat enterprise linux
- version/red hat enterprise linux/6.0
- version/red hat enterprise linux/7.0
- version/red hat enterprise linux/8.0
- version/red hat enterprise linux/9.0
- vendor/libtiff
- canonical/libtiff
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/38
- canonical/tvos
- canonical/apple ios, ipados, and watchos
- canonical/visionos
- canonical/fedora
- version/fedora/38