Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 30 Jun 2016 06:40:38 +0000
From: "ncl@...k.li" <ncl@...k.li>
To: oss-security@...ts.openwall.com, cve-assign@...re.org
Subject: Re: Re: CVE request: Heap-based buffer overflow in
 LibTIFF when using the PixarLog compression format

cve-assign@...re.org:
>> heap-based buffer overflow in
>> LibTIFF in the file libtiff/tif_pixarlog.c. The vulnerability allows an
>> attacker to control the size of the allocated heap-buffer while
>> independently controlling the data to be written to the buffer with no
>> restrictions on the size of the written data.
> 
>> revision 1.44
>> date: 2016-06-28 17:12:19 +0200; author: erouault; commitid: 2SqWSFG5a8Ewffcz;
> 
>> * libtiff/tif_pixarlog.c: fix potential buffer write overrun in
>> PixarLogDecode() on corrupted/unexpected images (reported by Mathias
>> Svensson)
> 
> Use CVE-2016-5875.

I think this is a duplicate with CVE-2016-5320 and CVE-2016-5314.

CVE-2016-5875 (buffer overrun in PixarLogDecode()) is CVE-2016-5314
(PixarLogDecode() out-of-bound writes) which causes CVE-2016-5320
(rgb2ycbcr command execution).

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.