Your submission was sent successfully! Close

CVE-2019-17546

Published: 14 October 2019

tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image, related to a "Negative-size-param" condition.

From the Ubuntu security team

It was discovered that GDAL incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges.

Priority

Medium

CVSS 3 base score: 8.8

Status

Package Release Status
blender
Launchpad, Ubuntu, Debian
bionic Needs triage

disco Ignored
(reached end-of-life)
eoan Ignored
(reached end-of-life)
focal Needs triage

groovy Ignored
(reached end-of-life)
hirsute Ignored
(reached end-of-life)
impish Ignored
(reached end-of-life)
jammy Needs triage

precise Does not exist

trusty Does not exist

upstream Needs triage

xenial Ignored
(end of standard support, was needs-triage)
chromium-browser
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(80.0.3987.87-0ubuntu0.18.04.1)
disco Ignored
(reached end-of-life)
eoan Not vulnerable
(code not present)
focal Not vulnerable
(code not present)
groovy Not vulnerable
(code not present)
hirsute Not vulnerable
(code not present)
impish Not vulnerable
(code not present)
jammy Not vulnerable
(code not present)
precise Does not exist

trusty Does not exist

upstream
Released
xenial Not vulnerable
(80.0.3987.87-0ubuntu0.16.04.1)
gdal
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(uses system tiff)
disco Not vulnerable
(uses system tiff)
eoan Not vulnerable
(uses system tiff)
focal Not vulnerable
(uses system tiff)
groovy Not vulnerable
(uses system tiff)
hirsute Not vulnerable
(uses system tiff)
impish Not vulnerable
(uses system tiff)
jammy Not vulnerable
(uses system tiff)
precise Does not exist

trusty Needed

upstream Needs triage

xenial Ignored
(end of standard support, was needed)
Patches:
upstream: https://github.com/OSGeo/gdal/commit/21674033ee246f698887604c7af7ba1962a40ddf

insighttoolkit4
Launchpad, Ubuntu, Debian
bionic Needs triage

disco Ignored
(reached end-of-life)
eoan Ignored
(reached end-of-life)
focal Needs triage

groovy Ignored
(reached end-of-life)
hirsute Ignored
(reached end-of-life)
impish Ignored
(reached end-of-life)
jammy Needs triage

precise Does not exist

trusty Does not exist

upstream Needs triage

xenial Ignored
(end of standard support, was needs-triage)
ivtools
Launchpad, Ubuntu, Debian
bionic Needs triage

disco Ignored
(reached end-of-life)
eoan Ignored
(reached end-of-life)
focal Needs triage

groovy Ignored
(reached end-of-life)
hirsute Ignored
(reached end-of-life)
impish Ignored
(reached end-of-life)
jammy Needs triage

precise Does not exist

trusty Does not exist

upstream Needs triage

xenial Ignored
(end of standard support, was needs-triage)
libtk-img
Launchpad, Ubuntu, Debian
bionic Needs triage

disco Ignored
(reached end-of-life)
eoan Ignored
(reached end-of-life)
focal Needs triage

groovy Ignored
(reached end-of-life)
hirsute Ignored
(reached end-of-life)
impish Ignored
(reached end-of-life)
jammy Needs triage

precise Does not exist

trusty Does not exist

upstream Needs triage

xenial Ignored
(end of standard support, was needs-triage)
neuron
Launchpad, Ubuntu, Debian
bionic Needs triage

disco Ignored
(reached end-of-life)
eoan Ignored
(reached end-of-life)
focal Needs triage

groovy Ignored
(reached end-of-life)
hirsute Ignored
(reached end-of-life)
impish Ignored
(reached end-of-life)
jammy Needs triage

precise Does not exist

trusty Does not exist

upstream Needs triage

xenial Does not exist

openjpeg2
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(uses system tiff)
disco Not vulnerable
(uses system tiff)
eoan Not vulnerable
(uses system tiff)
focal Not vulnerable
(uses system tiff)
groovy Not vulnerable
(uses system tiff)
hirsute Not vulnerable
(uses system tiff)
impish Not vulnerable
(uses system tiff)
jammy Not vulnerable
(uses system tiff)
precise Does not exist

trusty Does not exist

upstream Needs triage

xenial Not vulnerable
(uses system tiff)
paraview
Launchpad, Ubuntu, Debian
bionic Needs triage

disco Ignored
(reached end-of-life)
eoan Ignored
(reached end-of-life)
focal Needs triage

groovy Ignored
(reached end-of-life)
hirsute Ignored
(reached end-of-life)
impish Ignored
(reached end-of-life)
jammy Needs triage

precise Does not exist

trusty Does not exist

upstream Needs triage

xenial Ignored
(end of standard support, was needs-triage)
povray
Launchpad, Ubuntu, Debian
bionic Needs triage

disco Ignored
(reached end-of-life)
eoan Ignored
(reached end-of-life)
focal Needs triage

groovy Ignored
(reached end-of-life)
hirsute Ignored
(reached end-of-life)
impish Ignored
(reached end-of-life)
jammy Needs triage

precise Does not exist

trusty Does not exist

upstream Needs triage

xenial Ignored
(end of standard support, was needs-triage)
qt4-x11
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(uses system libtiff)
disco Not vulnerable
(uses system libtiff)
eoan Not vulnerable
(uses system libtiff)
focal Does not exist

groovy Does not exist

hirsute Does not exist

impish Does not exist

jammy Does not exist

precise Does not exist

trusty Not vulnerable
(uses system libtiff)
upstream Needs triage

xenial Not vulnerable
(uses system libtiff)
qtimageformats-opensource-src
Launchpad, Ubuntu, Debian
bionic Needs triage

disco Ignored
(reached end-of-life)
eoan Ignored
(reached end-of-life)
focal Needs triage

groovy Ignored
(reached end-of-life)
hirsute Ignored
(reached end-of-life)
impish Ignored
(reached end-of-life)
jammy Needs triage

precise Does not exist

trusty Does not exist

upstream Needs triage

xenial Ignored
(end of standard support, was needs-triage)
qtwebengine-opensource-src
Launchpad, Ubuntu, Debian
bionic Needs triage

disco Ignored
(reached end-of-life)
eoan Ignored
(reached end-of-life)
focal Needs triage

groovy Ignored
(reached end-of-life)
hirsute Ignored
(reached end-of-life)
impish Ignored
(reached end-of-life)
jammy Needs triage

precise Does not exist

trusty Does not exist

upstream Needs triage

xenial Does not exist

sfftobmp
Launchpad, Ubuntu, Debian
bionic Needs triage

disco Ignored
(reached end-of-life)
eoan Ignored
(reached end-of-life)
focal Needs triage

groovy Ignored
(reached end-of-life)
hirsute Ignored
(reached end-of-life)
impish Ignored
(reached end-of-life)
jammy Needs triage

precise Does not exist

trusty Does not exist

upstream Needs triage

xenial Ignored
(end of standard support, was needs-triage)
texmaker
Launchpad, Ubuntu, Debian
bionic Needs triage

disco Ignored
(reached end-of-life)
eoan Ignored
(reached end-of-life)
focal Needs triage

groovy Ignored
(reached end-of-life)
hirsute Ignored
(reached end-of-life)
impish Ignored
(reached end-of-life)
jammy Needs triage

precise Does not exist

trusty Does not exist

upstream Needs triage

xenial Ignored
(end of standard support, was needs-triage)
tiff
Launchpad, Ubuntu, Debian
bionic
Released (4.0.9-5ubuntu0.3)
disco
Released (4.0.10-4ubuntu0.1)
eoan Not vulnerable
(4.0.10+git191003-1)
focal Not vulnerable
(4.0.10+git191003-1)
groovy Not vulnerable
(4.0.10+git191003-1)
hirsute Not vulnerable
(4.0.10+git191003-1)
impish Not vulnerable
(4.0.10+git191003-1)
jammy Not vulnerable
(4.0.10+git191003-1)
precise Ignored
(end of ESM support, was needed)
trusty Needed

upstream
Released (4.0.10+git190818-1)
xenial
Released (4.0.6-1ubuntu0.7)
Patches:

upstream: https://gitlab.com/libtiff/libtiff/commit/4bb584a35f87af42d6cf09d15e9ce8909a839145
xloadimage
Launchpad, Ubuntu, Debian
bionic Needs triage

disco Ignored
(reached end-of-life)
eoan Ignored
(reached end-of-life)
focal Needs triage

groovy Ignored
(reached end-of-life)
hirsute Ignored
(reached end-of-life)
impish Ignored
(reached end-of-life)
jammy Needs triage

precise Does not exist

trusty Does not exist

upstream Needs triage

xenial Ignored
(end of standard support, was needs-triage)