ISHACK AI BOT

CentOS Linux: CVE-2023-0802: Moderate: libtiff security update (Multiple Advisories) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 02/13/2023 Created 06/23/2023 Added 06/22/2023 Modified 01/28/2025 Description LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3724, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127. Solution(s) centos-upgrade-libtiff centos-upgrade-libtiff-debuginfo centos-upgrade-libtiff-debugsource centos-upgrade-libtiff-devel centos-upgrade-libtiff-tools-debuginfo References DSA-5361 CVE-2023-0802

Huawei EulerOS: CVE-2023-0795: libtiff security update Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 02/13/2023 Created 05/18/2023 Added 05/18/2023 Modified 01/28/2025 Description LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3488, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e. Solution(s) huawei-euleros-2_0_sp10-upgrade-libtiff References https://attackerkb.com/topics/cve-2023-0795 CVE - 2023-0795 EulerOS-SA-2023-1979

Huawei EulerOS: CVE-2023-0797: libtiff security update Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 02/13/2023 Created 05/18/2023 Added 05/18/2023 Modified 01/28/2025 Description LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6921, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e. Solution(s) huawei-euleros-2_0_sp10-upgrade-libtiff References https://attackerkb.com/topics/cve-2023-0797 CVE - 2023-0797 EulerOS-SA-2023-1979

Huawei EulerOS: CVE-2023-0796: libtiff security update Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 02/13/2023 Created 05/18/2023 Added 05/18/2023 Modified 01/28/2025 Description LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3592, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e. Solution(s) huawei-euleros-2_0_sp10-upgrade-libtiff References https://attackerkb.com/topics/cve-2023-0796 CVE - 2023-0796 EulerOS-SA-2023-1979

VMware Photon OS: CVE-2023-0798 Severity 6 CVSS (AV:L/AC:L/Au:N/C:P/I:N/A:C) Published 02/13/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3400, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-0798 CVE - 2023-0798

VMware Photon OS: CVE-2023-0802 Severity 6 CVSS (AV:L/AC:L/Au:N/C:N/I:P/A:C) Published 02/13/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3724, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-0802 CVE - 2023-0802

Huawei EulerOS: CVE-2023-0803: libtiff security update Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 02/13/2023 Created 06/09/2023 Added 06/09/2023 Modified 01/28/2025 Description LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3516, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127. Solution(s) huawei-euleros-2_0_sp5-upgrade-libtiff huawei-euleros-2_0_sp5-upgrade-libtiff-devel References https://attackerkb.com/topics/cve-2023-0803 CVE - 2023-0803 EulerOS-SA-2023-2157

Huawei EulerOS: CVE-2023-0804: libtiff security update Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 02/13/2023 Created 06/09/2023 Added 06/09/2023 Modified 01/28/2025 Description LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3609, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127. Solution(s) huawei-euleros-2_0_sp5-upgrade-libtiff huawei-euleros-2_0_sp5-upgrade-libtiff-devel References https://attackerkb.com/topics/cve-2023-0804 CVE - 2023-0804 EulerOS-SA-2023-2157

Huawei EulerOS: CVE-2023-0801: libtiff security update Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 02/13/2023 Created 06/09/2023 Added 06/09/2023 Modified 01/28/2025 Description LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6778, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127. Solution(s) huawei-euleros-2_0_sp5-upgrade-libtiff huawei-euleros-2_0_sp5-upgrade-libtiff-devel References https://attackerkb.com/topics/cve-2023-0801 CVE - 2023-0801 EulerOS-SA-2023-2157

Huawei EulerOS: CVE-2023-0798: libtiff security update Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 02/13/2023 Created 06/09/2023 Added 06/09/2023 Modified 01/28/2025 Description LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3400, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e. Solution(s) huawei-euleros-2_0_sp5-upgrade-libtiff huawei-euleros-2_0_sp5-upgrade-libtiff-devel References https://attackerkb.com/topics/cve-2023-0798 CVE - 2023-0798 EulerOS-SA-2023-2157

Huawei EulerOS: CVE-2023-0796: libtiff security update Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 02/13/2023 Created 06/09/2023 Added 06/09/2023 Modified 01/28/2025 Description LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3592, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e. Solution(s) huawei-euleros-2_0_sp5-upgrade-libtiff huawei-euleros-2_0_sp5-upgrade-libtiff-devel References https://attackerkb.com/topics/cve-2023-0796 CVE - 2023-0796 EulerOS-SA-2023-2157

Huawei EulerOS: CVE-2023-0797: libtiff security update Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 02/13/2023 Created 06/09/2023 Added 06/09/2023 Modified 01/28/2025 Description LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6921, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e. Solution(s) huawei-euleros-2_0_sp5-upgrade-libtiff huawei-euleros-2_0_sp5-upgrade-libtiff-devel References https://attackerkb.com/topics/cve-2023-0797 CVE - 2023-0797 EulerOS-SA-2023-2157

Gentoo Linux: CVE-2023-0795: LibTIFF: Multiple Vulnerabilities Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 02/13/2023 Created 05/31/2023 Added 05/31/2023 Modified 01/28/2025 Description LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3488, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e. Solution(s) gentoo-linux-upgrade-media-libs-tiff References https://attackerkb.com/topics/cve-2023-0795 CVE - 2023-0795 202305-31

Gentoo Linux: CVE-2023-0796: LibTIFF: Multiple Vulnerabilities Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 02/13/2023 Created 05/31/2023 Added 05/31/2023 Modified 01/28/2025 Description LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3592, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e. Solution(s) gentoo-linux-upgrade-media-libs-tiff References https://attackerkb.com/topics/cve-2023-0796 CVE - 2023-0796 202305-31

Gentoo Linux: CVE-2023-0797: LibTIFF: Multiple Vulnerabilities Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 02/13/2023 Created 05/31/2023 Added 05/31/2023 Modified 01/28/2025 Description LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6921, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e. Solution(s) gentoo-linux-upgrade-media-libs-tiff References https://attackerkb.com/topics/cve-2023-0797 CVE - 2023-0797 202305-31

Gentoo Linux: CVE-2023-0798: LibTIFF: Multiple Vulnerabilities Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 02/13/2023 Created 05/31/2023 Added 05/31/2023 Modified 01/28/2025 Description LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3400, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e. Solution(s) gentoo-linux-upgrade-media-libs-tiff References https://attackerkb.com/topics/cve-2023-0798 CVE - 2023-0798 202305-31

Gentoo Linux: CVE-2023-0799: LibTIFF: Multiple Vulnerabilities Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 02/13/2023 Created 05/31/2023 Added 05/31/2023 Modified 01/28/2025 Description LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3701, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e. Solution(s) gentoo-linux-upgrade-media-libs-tiff References https://attackerkb.com/topics/cve-2023-0799 CVE - 2023-0799 202305-31

Gentoo Linux: CVE-2023-0800: LibTIFF: Multiple Vulnerabilities Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 02/13/2023 Created 05/31/2023 Added 05/31/2023 Modified 01/28/2025 Description LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3502, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127. Solution(s) gentoo-linux-upgrade-media-libs-tiff References https://attackerkb.com/topics/cve-2023-0800 CVE - 2023-0800 202305-31

Gentoo Linux: CVE-2023-0801: LibTIFF: Multiple Vulnerabilities Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 02/13/2023 Created 05/31/2023 Added 05/31/2023 Modified 01/28/2025 Description LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6778, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127. Solution(s) gentoo-linux-upgrade-media-libs-tiff References https://attackerkb.com/topics/cve-2023-0801 CVE - 2023-0801 202305-31

Gentoo Linux: CVE-2023-0802: LibTIFF: Multiple Vulnerabilities Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 02/13/2023 Created 05/31/2023 Added 05/31/2023 Modified 01/28/2025 Description LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3724, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127. Solution(s) gentoo-linux-upgrade-media-libs-tiff References https://attackerkb.com/topics/cve-2023-0802 CVE - 2023-0802 202305-31

Gentoo Linux: CVE-2023-0803: LibTIFF: Multiple Vulnerabilities Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 02/13/2023 Created 05/31/2023 Added 05/31/2023 Modified 01/28/2025 Description LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3516, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127. Solution(s) gentoo-linux-upgrade-media-libs-tiff References https://attackerkb.com/topics/cve-2023-0803 CVE - 2023-0803 202305-31

SUSE: CVE-2023-0800: SUSE Linux Security Advisory Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 02/13/2023 Created 05/31/2023 Added 05/31/2023 Modified 01/28/2025 Description LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3502, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127. Solution(s) suse-upgrade-libtiff-devel suse-upgrade-libtiff-devel-32bit suse-upgrade-libtiff5 suse-upgrade-libtiff5-32bit suse-upgrade-tiff References https://attackerkb.com/topics/cve-2023-0800 CVE - 2023-0800 DSA-5361

SUSE: CVE-2023-0796: SUSE Linux Security Advisory Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 02/13/2023 Created 05/31/2023 Added 05/31/2023 Modified 01/28/2025 Description LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3592, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e. Solution(s) suse-upgrade-libtiff-devel suse-upgrade-libtiff-devel-32bit suse-upgrade-libtiff5 suse-upgrade-libtiff5-32bit suse-upgrade-tiff References https://attackerkb.com/topics/cve-2023-0796 CVE - 2023-0796 DSA-5361

Red Hat: CVE-2023-0800: out-of-bounds write in extractContigSamplesShifted16bits() in tools/tiffcrop.c (Multiple Advisories) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 02/13/2023 Created 06/23/2023 Added 06/22/2023 Modified 01/28/2025 Description LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3502, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127. Solution(s) redhat-upgrade-libtiff redhat-upgrade-libtiff-debuginfo redhat-upgrade-libtiff-debugsource redhat-upgrade-libtiff-devel redhat-upgrade-libtiff-tools redhat-upgrade-libtiff-tools-debuginfo References CVE-2023-0800 RHSA-2023:3711 RHSA-2023:5353

Red Hat: CVE-2023-0804: out-of-bounds write in extractContigSamplesShifted24bits() in tools/tiffcrop.c (Multiple Advisories) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 02/13/2023 Created 06/23/2023 Added 06/22/2023 Modified 01/28/2025 Description LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3609, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127. Solution(s) redhat-upgrade-libtiff redhat-upgrade-libtiff-debuginfo redhat-upgrade-libtiff-debugsource redhat-upgrade-libtiff-devel redhat-upgrade-libtiff-tools redhat-upgrade-libtiff-tools-debuginfo References CVE-2023-0804 RHSA-2023:3711 RHSA-2023:5353