CVE-2019-6128

Published: 11 January 2019

The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb.

Priority

Low

CVSS 3 base score: 8.8

Status

Package Release Status
tiff
Launchpad, Ubuntu, Debian
Upstream
Released (4.0.10-4)
Ubuntu 18.04 LTS (Bionic Beaver)
Released (4.0.9-5ubuntu0.2)
Ubuntu 16.04 ESM (Xenial Xerus)
Released (4.0.6-1ubuntu0.6)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (4.0.3-7ubuntu0.11)
Patches:
Upstream: https://gitlab.com/libtiff/libtiff/commit/ae0bed1fe530a82faf2e9ea1775109dbf301a971