CVE-2017-9117

Published: 21 May 2017

In LibTIFF 4.0.7, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, leading to a heap-based buffer over-read in bmp2tiff.

Priority

Low

CVSS 3 base score: 9.8

Status

Package: tiff (Launchpad, Ubuntu, Debian)

Release | Status
Upstream | Needs triage
Ubuntu 18.04 LTS (Bionic Beaver) | Not vulnerable (4.0.9-4)
Ubuntu 16.04 LTS (Xenial Xerus) | Released (4.0.6-1ubuntu0.4)
Ubuntu 14.04 ESM (Trusty Tahr) | Released (4.0.3-7ubuntu0.9)

Notes

Author | Note
sbeattie | likely only affects bmp2tiff binary, which was removed in 4.0.7 or 4.0.8
mdeslaur | proposed patch in upstream bug; bmp2tiff removed in recent versions; same fix as CVE-2017-5563; we will not be fixing this issue in precise/esm
