CVE-2019-17546

Published: 14 October 2019

tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image, related to a "Negative-size-param" condition.

From the Ubuntu security team

It was discovered that GDAL incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges.

Priority

CVSS 3 base score: 8.8

Status

Package	Release	Status
blender Launchpad, Ubuntu, Debian	Upstream	Needs triage

	Ubuntu 21.10 (Impish Indri)	Needs triage
	Ubuntu 21.04 (Hirsute Hippo)	Ignored (reached end-of-life)
	Ubuntu 20.04 LTS (Focal Fossa)	Needs triage
	Ubuntu 18.04 LTS (Bionic Beaver)	Needs triage
	Ubuntu 16.04 ESM (Xenial Xerus)	Ignored (end of standard support, was needs-triage)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
chromium-browser Launchpad, Ubuntu, Debian	Upstream	Released

	Ubuntu 21.10 (Impish Indri)	Not vulnerable (code not present)
	Ubuntu 21.04 (Hirsute Hippo)	Not vulnerable (code not present)
	Ubuntu 20.04 LTS (Focal Fossa)	Not vulnerable (code not present)
	Ubuntu 18.04 LTS (Bionic Beaver)	Not vulnerable (80.0.3987.87-0ubuntu0.18.04.1)
	Ubuntu 16.04 ESM (Xenial Xerus)	Not vulnerable (80.0.3987.87-0ubuntu0.16.04.1)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
gdal Launchpad, Ubuntu, Debian	Upstream	Needs triage

	Ubuntu 21.10 (Impish Indri)	Not vulnerable (uses system tiff)
	Ubuntu 21.04 (Hirsute Hippo)	Not vulnerable (uses system tiff)
	Ubuntu 20.04 LTS (Focal Fossa)	Not vulnerable (uses system tiff)
	Ubuntu 18.04 LTS (Bionic Beaver)	Not vulnerable (uses system tiff)
	Ubuntu 16.04 ESM (Xenial Xerus)	Ignored (end of standard support, was needed)
	Ubuntu 14.04 ESM (Trusty Tahr)	Needed
	Patches: Upstream: https://github.com/OSGeo/gdal/commit/21674033ee246f698887604c7af7ba1962a40ddf
insighttoolkit4 Launchpad, Ubuntu, Debian	Upstream	Needs triage

	Ubuntu 21.10 (Impish Indri)	Needs triage
	Ubuntu 21.04 (Hirsute Hippo)	Ignored (reached end-of-life)
	Ubuntu 20.04 LTS (Focal Fossa)	Needs triage
	Ubuntu 18.04 LTS (Bionic Beaver)	Needs triage
	Ubuntu 16.04 ESM (Xenial Xerus)	Ignored (end of standard support, was needs-triage)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
ivtools Launchpad, Ubuntu, Debian	Upstream	Needs triage

	Ubuntu 21.10 (Impish Indri)	Needs triage
	Ubuntu 21.04 (Hirsute Hippo)	Ignored (reached end-of-life)
	Ubuntu 20.04 LTS (Focal Fossa)	Needs triage
	Ubuntu 18.04 LTS (Bionic Beaver)	Needs triage
	Ubuntu 16.04 ESM (Xenial Xerus)	Ignored (end of standard support, was needs-triage)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
libtk-img Launchpad, Ubuntu, Debian	Upstream	Needs triage

	Ubuntu 21.10 (Impish Indri)	Needs triage
	Ubuntu 21.04 (Hirsute Hippo)	Ignored (reached end-of-life)
	Ubuntu 20.04 LTS (Focal Fossa)	Needs triage
	Ubuntu 18.04 LTS (Bionic Beaver)	Needs triage
	Ubuntu 16.04 ESM (Xenial Xerus)	Ignored (end of standard support, was needs-triage)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
neuron Launchpad, Ubuntu, Debian	Upstream	Needs triage

	Ubuntu 21.10 (Impish Indri)	Needs triage
	Ubuntu 21.04 (Hirsute Hippo)	Ignored (reached end-of-life)
	Ubuntu 20.04 LTS (Focal Fossa)	Needs triage
	Ubuntu 18.04 LTS (Bionic Beaver)	Needs triage
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
openjpeg2 Launchpad, Ubuntu, Debian	Upstream	Needs triage

	Ubuntu 21.10 (Impish Indri)	Not vulnerable (uses system tiff)
	Ubuntu 21.04 (Hirsute Hippo)	Not vulnerable (uses system tiff)
	Ubuntu 20.04 LTS (Focal Fossa)	Not vulnerable (uses system tiff)
	Ubuntu 18.04 LTS (Bionic Beaver)	Not vulnerable (uses system tiff)
	Ubuntu 16.04 ESM (Xenial Xerus)	Not vulnerable (uses system tiff)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
paraview Launchpad, Ubuntu, Debian	Upstream	Needs triage

	Ubuntu 21.10 (Impish Indri)	Needs triage
	Ubuntu 21.04 (Hirsute Hippo)	Ignored (reached end-of-life)
	Ubuntu 20.04 LTS (Focal Fossa)	Needs triage
	Ubuntu 18.04 LTS (Bionic Beaver)	Needs triage
	Ubuntu 16.04 ESM (Xenial Xerus)	Ignored (end of standard support, was needs-triage)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
povray Launchpad, Ubuntu, Debian	Upstream	Needs triage

	Ubuntu 21.10 (Impish Indri)	Needs triage
	Ubuntu 21.04 (Hirsute Hippo)	Ignored (reached end-of-life)
	Ubuntu 20.04 LTS (Focal Fossa)	Needs triage
	Ubuntu 18.04 LTS (Bionic Beaver)	Needs triage
	Ubuntu 16.04 ESM (Xenial Xerus)	Ignored (end of standard support, was needs-triage)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
qt4-x11 Launchpad, Ubuntu, Debian	Upstream	Needs triage

	Ubuntu 21.10 (Impish Indri)	Does not exist
	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Does not exist
	Ubuntu 18.04 LTS (Bionic Beaver)	Not vulnerable (uses system libtiff)
	Ubuntu 16.04 ESM (Xenial Xerus)	Not vulnerable (uses system libtiff)
	Ubuntu 14.04 ESM (Trusty Tahr)	Not vulnerable (uses system libtiff)
qtimageformats-opensource-src Launchpad, Ubuntu, Debian	Upstream	Needs triage

	Ubuntu 21.10 (Impish Indri)	Needs triage
	Ubuntu 21.04 (Hirsute Hippo)	Ignored (reached end-of-life)
	Ubuntu 20.04 LTS (Focal Fossa)	Needs triage
	Ubuntu 18.04 LTS (Bionic Beaver)	Needs triage
	Ubuntu 16.04 ESM (Xenial Xerus)	Ignored (end of standard support, was needs-triage)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
qtwebengine-opensource-src Launchpad, Ubuntu, Debian	Upstream	Needs triage

	Ubuntu 21.10 (Impish Indri)	Needs triage
	Ubuntu 21.04 (Hirsute Hippo)	Ignored (reached end-of-life)
	Ubuntu 20.04 LTS (Focal Fossa)	Needs triage
	Ubuntu 18.04 LTS (Bionic Beaver)	Needs triage
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
sfftobmp Launchpad, Ubuntu, Debian	Upstream	Needs triage

	Ubuntu 21.10 (Impish Indri)	Needs triage
	Ubuntu 21.04 (Hirsute Hippo)	Ignored (reached end-of-life)
	Ubuntu 20.04 LTS (Focal Fossa)	Needs triage
	Ubuntu 18.04 LTS (Bionic Beaver)	Needs triage
	Ubuntu 16.04 ESM (Xenial Xerus)	Ignored (end of standard support, was needs-triage)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
texmaker Launchpad, Ubuntu, Debian	Upstream	Needs triage

	Ubuntu 21.10 (Impish Indri)	Needs triage
	Ubuntu 21.04 (Hirsute Hippo)	Ignored (reached end-of-life)
	Ubuntu 20.04 LTS (Focal Fossa)	Needs triage
	Ubuntu 18.04 LTS (Bionic Beaver)	Needs triage
	Ubuntu 16.04 ESM (Xenial Xerus)	Ignored (end of standard support, was needs-triage)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
tiff Launchpad, Ubuntu, Debian	Upstream	Released (4.0.10+git190818-1)

	Ubuntu 21.10 (Impish Indri)	Not vulnerable (4.0.10+git191003-1)
	Ubuntu 21.04 (Hirsute Hippo)	Not vulnerable (4.0.10+git191003-1)
	Ubuntu 20.04 LTS (Focal Fossa)	Not vulnerable (4.0.10+git191003-1)
	Ubuntu 18.04 LTS (Bionic Beaver)	Released (4.0.9-5ubuntu0.3)
	Ubuntu 16.04 ESM (Xenial Xerus)	Released (4.0.6-1ubuntu0.7)
	Ubuntu 14.04 ESM (Trusty Tahr)	Needed
	Patches: Upstream: https://gitlab.com/libtiff/libtiff/commit/4bb584a35f87af42d6cf09d15e9ce8909a839145
xloadimage Launchpad, Ubuntu, Debian	Upstream	Needs triage

	Ubuntu 21.10 (Impish Indri)	Needs triage
	Ubuntu 21.04 (Hirsute Hippo)	Ignored (reached end-of-life)
	Ubuntu 20.04 LTS (Focal Fossa)	Needs triage
	Ubuntu 18.04 LTS (Bionic Beaver)	Needs triage
	Ubuntu 16.04 ESM (Xenial Xerus)	Ignored (end of standard support, was needs-triage)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist

References

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›