Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2019-2265)

Published: 2020-01-23 12:43:17
CVE Author: NIST National Vulnerability Database (NVD)

CVSS Base Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Summary:
The remote host is missing an update for the Huawei EulerOS 'libtiff' Linux Distribution Package(s) announced via the EulerOS-SA-2019-2265 advisory.

Detection Method:
Checks if a vulnerable Linux Distribution Package version is present on the target host.

Technical Details:
There is a reachable assertion abort in the function TIFFWriteDirectoryTagSubifd() in LibTIFF 4.0.8, related to tif_dirwrite.c and a SubIFD tag. A crafted input will lead to a remote denial of service attack.(CVE-2017-13727) The putagreytile function in tif_getimage.c in LibTIFF 4.0.7 has a left-shift undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.(CVE-2017-7592) tif_read.c in LibTIFF 4.0.7 does not ensure that tif_rawdata is properly initialized, which might allow remote attackers to obtain sensitive information from process memory via a crafted image.(CVE-2017-7593) The OJPEGReadHeaderInfoSecTablesDcTable function in tif_ojpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (memory leak) via a crafted image.(CVE-2017-7594) The JPEGSetupEncode function in tiff_jpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image.(CVE-2017-7595) LibTIFF 4.0.7 has an 'outside the range of representable values of type float' undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.(CVE-2017-7596) tif_dirread.c in LibTIFF 4.0.7 has an 'outside the range of representable values of type float' undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.(CVE-2017-7597) LibTIFF 4.0.7 has an 'outside the range of representable values of type short' undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.(CVE-2017-7599) LibTIFF 4.0.7 has an 'outside the range of representable values of type unsigned char' undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.(CVE-2017-7600) tif_dirread.c in LibTIFF 4.0.7 might allow remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image.(CVE-2017-7598) LibTIFF 4.0.7 has a 'shift exponent too large for 64-bit type long' undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.(CVE-2017-7601) LibTIFF 4.0.7 has a signed ... Description truncated. Please see the references for more information.

Affected Versions:
'libtiff' Linux Distribution Package(s) on Huawei EulerOS V2.0SP3.

Recommendations:
Please install the updated Linux Distribution Package(s).

Solution Type:
Vendor Patch

Detection Type:
Linux Distribution Package

NIST (National Institute of Standards and Technology) NVD (National Vulnerability Database)

https://nvd.nist.gov/vuln/detail/CVE-2016-10092
https://nvd.nist.gov/vuln/detail/CVE-2016-10266
https://nvd.nist.gov/vuln/detail/CVE-2016-10267
https://nvd.nist.gov/vuln/detail/CVE-2016-10268
https://nvd.nist.gov/vuln/detail/CVE-2016-10269
https://nvd.nist.gov/vuln/detail/CVE-2016-10270
https://nvd.nist.gov/vuln/detail/CVE-2016-10272
https://nvd.nist.gov/vuln/detail/CVE-2016-10371
https://nvd.nist.gov/vuln/detail/CVE-2016-3186
https://nvd.nist.gov/vuln/detail/CVE-2016-3622
https://nvd.nist.gov/vuln/detail/CVE-2016-9273
https://nvd.nist.gov/vuln/detail/CVE-2016-9538
https://nvd.nist.gov/vuln/detail/CVE-2016-9539
https://nvd.nist.gov/vuln/detail/CVE-2017-10688
https://nvd.nist.gov/vuln/detail/CVE-2017-12944
https://nvd.nist.gov/vuln/detail/CVE-2017-13726
https://nvd.nist.gov/vuln/detail/CVE-2017-13727
https://nvd.nist.gov/vuln/detail/CVE-2017-7592
https://nvd.nist.gov/vuln/detail/CVE-2017-7593
https://nvd.nist.gov/vuln/detail/CVE-2017-7594
https://nvd.nist.gov/vuln/detail/CVE-2017-7595
https://nvd.nist.gov/vuln/detail/CVE-2017-7596
https://nvd.nist.gov/vuln/detail/CVE-2017-7597
https://nvd.nist.gov/vuln/detail/CVE-2017-7598
https://nvd.nist.gov/vuln/detail/CVE-2017-7599
https://nvd.nist.gov/vuln/detail/CVE-2017-7600
https://nvd.nist.gov/vuln/detail/CVE-2017-7601
https://nvd.nist.gov/vuln/detail/CVE-2017-7602
https://nvd.nist.gov/vuln/detail/CVE-2017-9403
https://nvd.nist.gov/vuln/detail/CVE-2017-9936
https://nvd.nist.gov/vuln/detail/CVE-2018-7456
https://nvd.nist.gov/vuln/detail/CVE-2018-8905

References:

https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2265

Search
Severity
High
CVSS Score
7.5

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage your vulnerabilities. It is free and always will be.