- Vulnerability/
- USN-6428-1
USN-6428-1: LibTIFF vulnerability
First published: Wed Oct 11 2023(Updated: )
It was discovered that LibTIFF could be made to read out of bounds when processing certain malformed image files with the tiffcrop utility. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause tiffcrop to crash, resulting in a denial of service.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/libtiff-tools | <4.5.0-5ubuntu1.2 | 4.5.0-5ubuntu1.2 |
| =23.04 | ||
| All of | ||
| ubuntu/libtiff6 | <4.5.0-5ubuntu1.2 | 4.5.0-5ubuntu1.2 |
| =23.04 | ||
| All of | ||
| ubuntu/libtiff-tools | <4.3.0-6ubuntu0.6 | 4.3.0-6ubuntu0.6 |
| =22.04 | ||
| All of | ||
| ubuntu/libtiff5 | <4.3.0-6ubuntu0.6 | 4.3.0-6ubuntu0.6 |
| =22.04 | ||
| All of | ||
| ubuntu/libtiff-tools | <4.1.0+git191117-2ubuntu0.20.04.10 | 4.1.0+git191117-2ubuntu0.20.04.10 |
| =20.04 | ||
| All of | ||
| ubuntu/libtiff5 | <4.1.0+git191117-2ubuntu0.20.04.10 | 4.1.0+git191117-2ubuntu0.20.04.10 |
| =20.04 | ||
| All of | ||
| ubuntu/libtiff-tools | <4.0.9-5ubuntu0.10+esm3 | 4.0.9-5ubuntu0.10+esm3 |
| =18.04 | ||
| All of | ||
| ubuntu/libtiff5 | <4.0.9-5ubuntu0.10+esm3 | 4.0.9-5ubuntu0.10+esm3 |
| =18.04 | ||
| All of | ||
| ubuntu/libtiff-tools | <4.0.6-1ubuntu0.8+esm13 | 4.0.6-1ubuntu0.8+esm13 |
| =16.04 | ||
| All of | ||
| ubuntu/libtiff5 | <4.0.6-1ubuntu0.8+esm13 | 4.0.6-1ubuntu0.8+esm13 |
| =16.04 | ||
| All of | ||
| ubuntu/libtiff-tools | <4.0.3-7ubuntu0.11+esm10 | 4.0.3-7ubuntu0.11+esm10 |
| =14.04 | ||
| All of | ||
| ubuntu/libtiff5 | <4.0.3-7ubuntu0.11+esm10 | 4.0.3-7ubuntu0.11+esm10 |
| =14.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this LibTIFF vulnerability?
The vulnerability ID for this LibTIFF vulnerability is USN-6428-1.
What is the severity of USN-6428-1?
The severity of USN-6428-1 is not specified in the provided information.
How does the LibTIFF vulnerability affect Ubuntu 23.04?
The LibTIFF vulnerability affects Ubuntu 23.04 and requires an update to libtiff-tools version 4.5.0-5ubuntu1.2 or later.
How can I fix the LibTIFF vulnerability in Ubuntu 22.04?
To fix the LibTIFF vulnerability in Ubuntu 22.04, update to libtiff-tools version 4.3.0-6ubuntu0.6 or later.
Where can I find more information about the LibTIFF vulnerability?
More information about the LibTIFF vulnerability can be found at the following references: [CVE-2023-1916](https://ubuntu.com/security/CVE-2023-1916), [Ubuntu Security Notice](https://ubuntu.com/security/notices/USN-6428-1), [LibTIFF Launchpad](https://launchpad.net/ubuntu/+source/tiff/4.5.0-5ubuntu1.2), [LibTIFF Launchpad](https://launchpad.net/ubuntu/+source/tiff/4.3.0-6ubuntu0.6).
- agent/severity
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- collector/usn
- source/Ubuntu
- agent/software-canonical-lookup
- agent/references
- agent/title
- agent/tags
- agent/description
- agent/event
- agent/trending
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu ubuntu
- version/ubuntu ubuntu/23.04
- version/ubuntu ubuntu/22.04
- version/ubuntu ubuntu/20.04
- version/ubuntu ubuntu/18.04
- version/ubuntu ubuntu/16.04
- version/ubuntu ubuntu/14.04