发布于3月6日3月6日 Members Red Hat: CVE-2023-0799: use-after-free in extractContigSamplesShifted32bits() in tools/tiffcrop.c (Multiple Advisories) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 02/13/2023 Created 06/23/2023 Added 06/22/2023 Modified 01/28/2025 Description LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3701, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e. Solution(s) redhat-upgrade-libtiff redhat-upgrade-libtiff-debuginfo redhat-upgrade-libtiff-debugsource redhat-upgrade-libtiff-devel redhat-upgrade-libtiff-tools redhat-upgrade-libtiff-tools-debuginfo References CVE-2023-0799 RHSA-2023:3711
参与讨论
你可立刻发布并稍后注册。 如果你有帐户,立刻登录发布帖子。