RHSA-2023:3711: Moderate: libtiff security update
First published: Wed Jun 21 2023(Updated: )
The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files.<br>Security Fix(es):<br><li> libtiff: heap-based buffer overflow in processCropSelections() in tools/tiffcrop.c (CVE-2022-48281)</li> <li> libtiff: out-of-bounds read in extractContigSamplesShifted16bits() in tools/tiffcrop.c (CVE-2023-0795)</li> <li> libtiff: out-of-bounds read in extractContigSamplesShifted24bits() in tools/tiffcrop.c (CVE-2023-0796)</li> <li> libtiff: out-of-bounds read in _TIFFmemcpy() in libtiff/tif_unix.c when called by functions in tools/tiffcrop.c (CVE-2023-0797)</li> <li> libtiff: out-of-bounds read in extractContigSamplesShifted8bits() in tools/tiffcrop.c (CVE-2023-0798)</li> <li> libtiff: use-after-free in extractContigSamplesShifted32bits() in tools/tiffcrop.c (CVE-2023-0799)</li> <li> libtiff: out-of-bounds write in extractContigSamplesShifted16bits() in tools/tiffcrop.c (CVE-2023-0800)</li> <li> libtiff: out-of-bounds write in _TIFFmemcpy() in libtiff/tif_unix.c when called by functions in tools/tiffcrop.c (CVE-2023-0801)</li> <li> libtiff: out-of-bounds write in extractContigSamplesShifted32bits() in tools/tiffcrop.c (CVE-2023-0802)</li> <li> libtiff: out-of-bounds write in extractContigSamplesShifted16bits() in tools/tiffcrop.c (CVE-2023-0803)</li> <li> libtiff: out-of-bounds write in extractContigSamplesShifted24bits() in tools/tiffcrop.c (CVE-2023-0804)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/libtiff | <4.4.0-8.el9_2 | 4.4.0-8.el9_2 |
| redhat/libtiff | <4.4.0-8.el9_2 | 4.4.0-8.el9_2 |
| redhat/libtiff-debuginfo | <4.4.0-8.el9_2 | 4.4.0-8.el9_2 |
| redhat/libtiff-debuginfo | <4.4.0-8.el9_2 | 4.4.0-8.el9_2 |
| redhat/libtiff-debugsource | <4.4.0-8.el9_2 | 4.4.0-8.el9_2 |
| redhat/libtiff-debugsource | <4.4.0-8.el9_2 | 4.4.0-8.el9_2 |
| redhat/libtiff-devel | <4.4.0-8.el9_2 | 4.4.0-8.el9_2 |
| redhat/libtiff-devel | <4.4.0-8.el9_2 | 4.4.0-8.el9_2 |
| redhat/libtiff-tools-debuginfo | <4.4.0-8.el9_2 | 4.4.0-8.el9_2 |
| redhat/libtiff-tools-debuginfo | <4.4.0-8.el9_2 | 4.4.0-8.el9_2 |
| redhat/libtiff | <4.4.0-8.el9_2 | 4.4.0-8.el9_2 |
| redhat/libtiff-debuginfo | <4.4.0-8.el9_2 | 4.4.0-8.el9_2 |
| redhat/libtiff-debugsource | <4.4.0-8.el9_2 | 4.4.0-8.el9_2 |
| redhat/libtiff-devel | <4.4.0-8.el9_2 | 4.4.0-8.el9_2 |
| redhat/libtiff-tools-debuginfo | <4.4.0-8.el9_2 | 4.4.0-8.el9_2 |
| redhat/libtiff | <4.4.0-8.el9_2.aa | 4.4.0-8.el9_2.aa |
| redhat/libtiff-debuginfo | <4.4.0-8.el9_2.aa | 4.4.0-8.el9_2.aa |
| redhat/libtiff-debugsource | <4.4.0-8.el9_2.aa | 4.4.0-8.el9_2.aa |
| redhat/libtiff-devel | <4.4.0-8.el9_2.aa | 4.4.0-8.el9_2.aa |
| redhat/libtiff-tools-debuginfo | <4.4.0-8.el9_2.aa | 4.4.0-8.el9_2.aa |
| redhat/libtiff-tools | <4.4.0-8.el9_2 | 4.4.0-8.el9_2 |
| redhat/libtiff-tools | <4.4.0-8.el9_2 | 4.4.0-8.el9_2 |
| redhat/libtiff-tools | <4.4.0-8.el9_2.aa | 4.4.0-8.el9_2.aa |
| redhat/libtiff-tools | <4.4.0-8.el9_2 | 4.4.0-8.el9_2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.redhat.com/show_bug.cgi?id=2163606
- https://bugzilla.redhat.com/show_bug.cgi?id=2170119
- https://bugzilla.redhat.com/show_bug.cgi?id=2170146
- https://bugzilla.redhat.com/show_bug.cgi?id=2170151
- https://bugzilla.redhat.com/show_bug.cgi?id=2170157
- https://bugzilla.redhat.com/show_bug.cgi?id=2170162
- https://bugzilla.redhat.com/show_bug.cgi?id=2170167
- https://bugzilla.redhat.com/show_bug.cgi?id=2170172
- https://bugzilla.redhat.com/show_bug.cgi?id=2170178
- https://bugzilla.redhat.com/show_bug.cgi?id=2170187
- https://bugzilla.redhat.com/show_bug.cgi?id=2170192
- https://access.redhat.com/security/updates/classification/#moderate
- https://access.redhat.com/errata/RHSA-2023:3711 (Advisory)
Frequently Asked Questions
What security issues are addressed in RHSA-2023:3711?
RHSA-2023:3711 addresses a heap-based buffer overflow in processCropSelections() and an out-of-bounds read in libtiff.
What is the severity of RHSA-2023:3711?
The severity of RHSA-2023:3711 is classified as important due to potential exploitability.
How do I fix RHSA-2023:3711?
To fix RHSA-2023:3711, update the libtiff package to version 4.4.0-8.el9_2 or later.
Which versions of libtiff are affected by RHSA-2023:3711?
All versions of libtiff prior to 4.4.0-8.el9_2 are affected by RHSA-2023:3711.
Is there a workaround for RHSA-2023:3711 until I can apply the update?
There is no known workaround for RHSA-2023:3711; applying the update is the recommended action.
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/remedy
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/title
- agent/type
- agent/weakness
- collector/redhat-errata
- source/Red Hat
- anchor-id/RHSA-2023:3711
- agent/software-canonical-lookup
- package-manager/redhat