Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2019-2466)

Published: 2020-01-23 12:59:35
CVE Author: NIST National Vulnerability Database (NVD)

CVSS Base Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Summary:
The remote host is missing an update for the Huawei EulerOS 'libtiff' Linux Distribution Package(s) announced via the EulerOS-SA-2019-2466 advisory.

Detection Method:
Checks if a vulnerable Linux Distribution Package version is present on the target host.

Technical Details:
There is a reachable assertion abort in the function TIFFWriteDirectoryTagSubifd() in LibTIFF 4.0.8, related to tif_dirwrite.c and a SubIFD tag. A crafted input will lead to a remote denial of service attack. (CVE-2017-13727)

The putagreytile function in tif_getimage.c in LibTIFF 4.0.7 has a left-shift undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (CVE-2017-7592)

An issue was discovered in LibTIFF 4.0.9. There is an int32 overflow in multiply_ms in tools/ppm2tiff.c, which can cause a denial of service (crash) or possibly have unspecified other impact via a crafted image file. (CVE-2018-17100)

tif_read.c in LibTIFF 4.0.7 does not ensure that tif_rawdata is properly initialized, which might allow remote attackers to obtain sensitive information from process memory via a crafted image. (CVE-2017-7593)

The OJPEGReadHeaderInfoSecTablesDcTable function in tif_ojpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (memory leak) via a crafted image. (CVE-2017-7594)

The JPEGSetupEncode function in tiff_jpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image. (CVE-2017-7595)

LibTIFF 4.0.7 has an 'outside the range of representable values of type float' undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (CVE-2017-7596)

tif_dirread.c in LibTIFF 4.0.7 has an 'outside the range of representable values of type float' undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (CVE-2017-7597)

LibTIFF 4.0.7 has an 'outside the range of representable values of type short' undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (CVE-2017-7599)

LibTIFF 4.0.7 has an 'outside the range of representable values of type unsigned char' undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (CVE-2017-7600)

tif_dirread.c in LibTIFF 4.0.7 might allow remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image. (CVE-2017-7598)

LibTIFF 4.0.7 has a 'shift exponent too large for 6 ... Description truncated. Please see the references for more information.

Affected Versions:
'libtiff' Linux Distribution Package(s) on Huawei EulerOS V2.0SP2.

Recommendations:
Please install the updated Linux Distribution Package(s).

Solution Type:
Vendor Patch

Detection Type:
Linux Distribution Package

NIST (National Institute of Standards and Technology) NVD (National Vulnerability Database)

https://nvd.nist.gov/vuln/detail/CVE-2016-10092
https://nvd.nist.gov/vuln/detail/CVE-2016-10266
https://nvd.nist.gov/vuln/detail/CVE-2016-10267
https://nvd.nist.gov/vuln/detail/CVE-2016-10268
https://nvd.nist.gov/vuln/detail/CVE-2016-10269
https://nvd.nist.gov/vuln/detail/CVE-2016-10270
https://nvd.nist.gov/vuln/detail/CVE-2016-10272
https://nvd.nist.gov/vuln/detail/CVE-2016-10371
https://nvd.nist.gov/vuln/detail/CVE-2016-3186
https://nvd.nist.gov/vuln/detail/CVE-2016-3622
https://nvd.nist.gov/vuln/detail/CVE-2016-3623
https://nvd.nist.gov/vuln/detail/CVE-2016-3624
https://nvd.nist.gov/vuln/detail/CVE-2016-5102
https://nvd.nist.gov/vuln/detail/CVE-2016-5318
https://nvd.nist.gov/vuln/detail/CVE-2016-5321
https://nvd.nist.gov/vuln/detail/CVE-2016-5323
https://nvd.nist.gov/vuln/detail/CVE-2016-6223
https://nvd.nist.gov/vuln/detail/CVE-2016-9273
https://nvd.nist.gov/vuln/detail/CVE-2016-9532
https://nvd.nist.gov/vuln/detail/CVE-2016-9538
https://nvd.nist.gov/vuln/detail/CVE-2016-9539
https://nvd.nist.gov/vuln/detail/CVE-2017-10688
https://nvd.nist.gov/vuln/detail/CVE-2017-12944
https://nvd.nist.gov/vuln/detail/CVE-2017-13726
https://nvd.nist.gov/vuln/detail/CVE-2017-13727
https://nvd.nist.gov/vuln/detail/CVE-2017-16232
https://nvd.nist.gov/vuln/detail/CVE-2017-5563
https://nvd.nist.gov/vuln/detail/CVE-2017-7592
https://nvd.nist.gov/vuln/detail/CVE-2017-7593
https://nvd.nist.gov/vuln/detail/CVE-2017-7594
https://nvd.nist.gov/vuln/detail/CVE-2017-7595
https://nvd.nist.gov/vuln/detail/CVE-2017-7596
https://nvd.nist.gov/vuln/detail/CVE-2017-7597
https://nvd.nist.gov/vuln/detail/CVE-2017-7598
https://nvd.nist.gov/vuln/detail/CVE-2017-7599
https://nvd.nist.gov/vuln/detail/CVE-2017-7600
https://nvd.nist.gov/vuln/detail/CVE-2017-7601
https://nvd.nist.gov/vuln/detail/CVE-2017-7602
https://nvd.nist.gov/vuln/detail/CVE-2017-9117
https://nvd.nist.gov/vuln/detail/CVE-2017-9147
https://nvd.nist.gov/vuln/detail/CVE-2017-9403
https://nvd.nist.gov/vuln/detail/CVE-2017-9936
https://nvd.nist.gov/vuln/detail/CVE-2018-10963
https://nvd.nist.gov/vuln/detail/CVE-2018-12900
https://nvd.nist.gov/vuln/detail/CVE-2018-17100
https://nvd.nist.gov/vuln/detail/CVE-2018-17101
https://nvd.nist.gov/vuln/detail/CVE-2018-18557
https://nvd.nist.gov/vuln/detail/CVE-2018-18661
https://nvd.nist.gov/vuln/detail/CVE-2018-19210
https://nvd.nist.gov/vuln/detail/CVE-2018-8905
https://nvd.nist.gov/vuln/detail/CVE-2019-14973
https://nvd.nist.gov/vuln/detail/CVE-2019-17546
https://nvd.nist.gov/vuln/detail/CVE-2019-6128
https://nvd.nist.gov/vuln/detail/CVE-2019-7663

References:

https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2466

Severity:
High

CVSS Score:
7.5
