Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sat, 7 Feb 2015 12:13:13 -0500 (EST)
From: cve-assign@...re.org
To: Michal Zalewski <lcamtuf@...edump.cx>
cc: oss-security <oss-security@...ts.openwall.com>
Subject: Re: Multiple vulnerabilities in LibTIFF and associated
 tools


> http://lcamtuf.coredump.cx/afl/vulns/libtiff-cvs-1.tif
>
>  - uninitialized memory in putcontig8bitYCbCr21tile
>    Fixed in:
>
>      2014-12-29  Even Rouault  <even.rouault@...tialys.com>
>
>      * libtiff/tif_getimage.c: in OJPEG case, fix checks on strile width/height
>        in the putcontig8bitYCbCr42tile, putcontig8bitYCbCr41tile and
>        putcontig8bitYCbCr21tile cases.
>
>    I don't think this had a CVE number assigned yet.
>
> http://lcamtuf.coredump.cx/afl/vulns/libtiff-cvs-2.tif
>
>  - uninitialized memory in NeXTDecode
>    Fixed in:
>
>      2014-12-29  Even Rouault  <even.rouault@...tialys.com>
>
>      * libtiff/tif_next.c: add new tests to check that we don't read outside of
>      the compressed input stream buffer.
>
>    I don't think this had a CVE number assigned yet.
>

Use CVE-2014-9655 for these two issues related to access of uninitialized 
memory, as demonstrated by libtiff-cvs-1.tif and libtiff-cvs-2.tif.


> http://lcamtuf.coredump.cx/afl/vulns/libtiff5.tif
>
>  - another use of uninitialized memory in NeXTDecode after fixing the
> previous case.
>    I don't think this had a CVE number assigned yet.


Use CVE-2015-1547 for this issue.

---

CVE assignment team, MITRE CVE Numbering Authority M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ