CVE-2017-9815

Published: 22 June 2017

In LibTIFF 4.0.7, the TIFFReadDirEntryLong8Array function in libtiff/tif_dirread.c mishandles a malloc operation, which allows attackers to cause a denial of service (memory leak within the function _TIFFmalloc in tif_unix.c) via a crafted file.

Priority

Low

CVSS 3 base score: 6.5

Status

Package Release Status
tiff
Launchpad, Ubuntu, Debian
Upstream
Released (4.0.8-1)
Ubuntu 16.04 ESM (Xenial Xerus)
Released (4.0.6-1ubuntu0.3)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (4.0.3-7ubuntu0.8)
Patches:
Upstream: https://github.com/vadz/libtiff/commit/fb3dc46a2fcf6197ff3b93fc76f0c37fddc0333b

Notes

AuthorNote
seth-arnold
If this actually leaks only the 8 bytes shown in the bug then this
cve should be rejected. I'm marking it 'low' rather than 'negligible'
just so that we eventually return to the bug and see the results.
mdeslaur
same commit as CVE-2017-9403
this will not be fixed in precise/esm

References

Bugs