Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 14 Jul 2016 14:16:02 -0400 (EDT)
From: cve-assign@...re.org
To: idolf@...gle.com
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: CVE request: Information leak in LibTIFF

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> I would like to request a CVE number for an information leak in LibTIFF,
> specifically in the file libtiff/tif_read.c.
> 
> The vulnerability allows an attacker to specify a negative index into the
> file-content buffer and copy data from that position until the end of the
> buffer.
> 
> This will allow an attacker to crash the process by accessing unmapped
> memory and (depending on how LibTIFF is used) might also allow an attacker
> to leak sensitive information.
> 
> The issue is fixed in CVS HEAD with the commit:
> 
> revision 1.49
> date: 2016-07-10 20:00:21 +0200;  author: erouault;
> commitid: YhOZoKv5OA9gNNdz;
> * libtiff/tif_read.c: Fix out-of-bounds read on
> memory-mapped files in TIFFReadRawStrip1() and TIFFReadRawTile1()
> when stripoffset is beyond tmsize_t max value (reported by
> Mathias Svensson)

Use CVE-2016-6223.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJXh9YEAAoJEHb/MwWLVhi2NZIP/AlJLMTfzlrz/si4ZZdxud9U
yJTUt7t/zzzH7oLx0rzZb+hivMp6Z5P5Cqhn8eVzTj+hOMFTaZek+sBaf034WKxN
qZyaVdu4VHs1gpJNJpP7t0toXdUmNMh2CKsx7PUEfrM73o+VeiwaWgG8UvuJO5vd
28sspVqmhtfOmsPtx6mnIabnHtZG0N4TE/FUVKF9mRp73xlxhxB3gkwAzAXy5sRh
R23M0qU5v5HkryvUvKoA0sQ3H6dgMDMqUE/Gq6B67t2Lm98E0DLPnayCn5x/Jkzf
IrNGI8e2yRjqggeXKO/SRfmZSR/1qM43vGuHeYbgn0ZOJPPrFIv9+BY9uN6fIfpH
ox5x2GXFVMp79Rwnea2ywy0Z6mCBLvmFCs8In2B4GxoVJ+MUVAuhyFUqctgrZ81L
5uphXH8KDhKiY5k/qa6T9j2eNz13Por3UvK0irEixsgaUQzEz3wNUy8mW56L0mB0
4sCZVlH5zt5/eIDHRWxHrbBR3Oo27R21ONVP2MJTthcVthCiLnMvZEcNOOp7//MR
1FWYp3qsPrc858j7ZWtyXvpROscv/ivN7V6xzPvjYal+qVs4RPexwJ3/pUn63fms
mEZdDlbzR7ecLPXRHksx99FgT9R/ETgugd1oYKwgCo+zVgCHGrJH3XvhQQsHgCK+
A/ao2iuPSnQu1eG2aUSi
=Bszf
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ