Debian dla-3278 : libtiff-dev - security update

high Nessus Plugin ID 170240

Language:

Synopsis

The remote Debian host is missing one or more security-related updates.

Description

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3278 advisory.

- ------------------------------------------------------------------------- Debian LTS Advisory DLA-3278-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler January 20, 2023 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package : tiff Version : 4.1.0+git191117-2~deb10u5 CVE ID : CVE-2022-1354 CVE-2022-1355 CVE-2022-2056 CVE-2022-2057 CVE-2022-2058 CVE-2022-2867 CVE-2022-2868 CVE-2022-2869 CVE-2022-3570 CVE-2022-3597 CVE-2022-3598 CVE-2022-3599 CVE-2022-3626 CVE-2022-3627 CVE-2022-3970 CVE-2022-34526 Debian Bug : 1011160 1014494 1022555 1024737

Multiple vulnerabilities were found in tiff, a library and tools providing support for the Tag Image File Format (TIFF), leading to denial of service (DoS) and possibly local code execution.

CVE-2022-1354

A heap buffer overflow flaw was found in Libtiffs' tiffinfo.c in TIFFReadRawDataStriped() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffinfo tool, triggering a heap buffer overflow issue and causing a crash that leads to a denial of service.

CVE-2022-1355

A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffcp tool, triggering a stack buffer overflow issue, possibly corrupting the memory, and causing a crash that leads to a denial of service.

CVE-2022-2056, CVE-2022-2057, CVE-2022-2058

Divide By Zero error in tiffcrop allows attackers to cause a denial-of-service via a crafted tiff file.

CVE-2022-2867, CVE-2022-2868, CVE-2022-2869

libtiff's tiffcrop utility has underflow and input validation flaw that can lead to out of bounds read and write. An attacker who supplies a crafted file to tiffcrop (likely via tricking a user to run tiffcrop on it with certain parameters) could cause a crash or in some cases, further exploitation.

CVE-2022-3570, CVE-2022-3598

Multiple heap buffer overflows in tiffcrop.c utility in libtiff allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact.

CVE-2022-3597, CVE-2022-3626, CVE-2022-3627

Out-of-bounds write, allowing attackers to cause a denial-of-service via a crafted tiff file.

CVE-2022-3599

Out-of-bounds read in writeSingleSection in tools/tiffcrop.c, allowing attackers to cause a denial-of-service via a crafted tiff file.

CVE-2022-3970

Affects the function TIFFReadRGBATileExt of the file libtiff/tif_getimage.c. The manipulation leads to integer overflow.

CVE-2022-34526

A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted TIFF file parsed by the tiffsplit or tiffcrop utilities.

For Debian 10 buster, these problems have been fixed in version 4.1.0+git191117-2~deb10u5.

We recommend that you upgrade your tiff packages.

For the detailed security status of tiff please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/tiff

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade the libtiff-dev packages.

Plugin Details

Severity: High

ID: 170240

File Name: debian_DLA-3278.nasl

Version: 1.2

Type: local

Agent: unix

Family: Debian Local Security Checks

Published: 1/21/2023

Updated: 1/22/2025

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.4

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2022-2058

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.9

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2022-3970

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:libtiff-dev, p-cpe:/a:debian:debian_linux:libtiff5, p-cpe:/a:debian:debian_linux:libtiff5-dev, p-cpe:/a:debian:debian_linux:libtiff-opengl, cpe:/o:debian:debian_linux:10.0, p-cpe:/a:debian:debian_linux:libtiff-tools, p-cpe:/a:debian:debian_linux:libtiff-doc, p-cpe:/a:debian:debian_linux:libtiffxx5

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 1/20/2023

Vulnerability Publication Date: 6/28/2022

Reference Information

CVE: CVE-2022-1354, CVE-2022-1355, CVE-2022-2056, CVE-2022-2057, CVE-2022-2058, CVE-2022-2867, CVE-2022-2868, CVE-2022-2869, CVE-2022-34526, CVE-2022-3570, CVE-2022-3597, CVE-2022-3598, CVE-2022-3599, CVE-2022-3626, CVE-2022-3627, CVE-2022-3970

Detections

Analytics