Your submission was sent successfully! Close

CVE-2022-22844

Published: 10 January 2022

LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field.

Priority

Negligible

CVSS 3 base score: 5.5

Status

Package Release Status
tiff
Launchpad, Ubuntu, Debian 		bionic Needed

focal Needed

hirsute Ignored
(reached end-of-life)
impish Needed

jammy Not vulnerable
(4.3.0-4)
trusty Needs triage

upstream
Released (4.3.0-3)
xenial Needs triage

Notes

AuthorNote
mdeslaur 
this is only a DoS in the tiffset command-line tool

References

Bugs

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading