CVE-2022-3970

A vulnerability was found in LibTIFF. It has been classified as critical. This affects the function TIFFReadRGBATileExt of the file libtiff/tif_getimage.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 227500897dfb07fb7d27f7aa570050e62617e3be. It is recommended to apply a patch to fix this issue. The identifier VDB-213549 was assigned to this vulnerability.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 30%
Affected Products (NVD)
VendorProductVersion
libtifflibtiff
𝑥
< 4.5.0
netappactive_iq_unified_manager
-
debiandebian_linux
10.0
applesafari
𝑥
< 16.5.1
appleipados
𝑥
< 16.6
appleiphone_os
𝑥
< 16.6
applemacos
𝑥
< 13.5
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
tiff
bookworm
4.5.0-6+deb12u1
fixed
bookworm (security)
4.5.0-6+deb12u1
fixed
bullseye
4.2.0-1+deb11u5
fixed
bullseye (security)
4.2.0-1+deb11u5
fixed
sid
4.5.1+git230720-5
fixed
trixie
4.5.1+git230720-5
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
libtiff
bionic
dne
focal
dne
jammy
dne
kinetic
dne
trusty
ignored
xenial
ignored
tiff
bionic
Fixed 4.0.9-5ubuntu0.9
released
focal
Fixed 4.1.0+git191117-2ubuntu0.20.04.7
released
jammy
Fixed 4.3.0-6ubuntu0.3
released
kinetic
Fixed 4.4.0-4ubuntu3.2
released
trusty
Fixed 4.0.3-7ubuntu0.11+esm6
released
xenial
Fixed 4.0.6-1ubuntu0.8+esm8
released
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
libtiff-devel
suse enterprise desktop 15 SP3
4.0.9-150000.45.19.1
fixed
suse enterprise desktop 15 SP4
4.0.9-150000.45.19.1
fixed
suse enterprise desktop 15 SP5
4.0.9-150000.45.19.1
fixed
suse enterprise desktop 15 SP6
4.6.0-150600.1.4
fixed
suse enterprise desktop 15 SP7
4.7.0-150600.3.8.1
fixed
suse enterprise sap 15
4.0.9-150000.45.19.1
fixed
suse enterprise sap 15 SP1
4.0.9-150000.45.19.1
fixed
suse enterprise sap 15 SP2
4.0.9-150000.45.19.1
fixed
suse enterprise sap 15 SP3
4.0.9-150000.45.19.1
fixed
suse enterprise sap 15 SP4
4.0.9-150000.45.19.1
fixed
suse enterprise sap 15 SP5
4.0.9-150000.45.19.1
fixed
suse enterprise sap 15 SP6
4.6.0-150600.1.4
fixed
suse enterprise sap 15 SP7
4.7.0-150600.3.8.1
fixed
suse enterprise server 15
4.0.9-150000.45.19.1
fixed
suse enterprise server 15 SP1
4.0.9-150000.45.19.1
fixed
suse enterprise server 15 SP2
4.0.9-150000.45.19.1
fixed
suse enterprise server 15 SP3
4.0.9-150000.45.19.1
fixed
suse enterprise server 15 SP4
4.0.9-150000.45.19.1
fixed
suse enterprise server 15 SP5
4.0.9-150000.45.19.1
fixed
suse enterprise server 15 SP6
4.6.0-150600.1.4
fixed
suse enterprise server 15 SP7
4.7.0-150600.3.8.1
fixed
libtiff5
suse enterprise desktop 15 SP3
4.0.9-150000.45.19.1
fixed
suse enterprise desktop 15 SP4
4.0.9-150000.45.19.1
fixed
suse enterprise desktop 15 SP5
4.0.9-150000.45.19.1
fixed
suse enterprise desktop 15 SP6
4.0.9-150000.45.19.1
fixed
suse enterprise desktop 15 SP7
4.0.9-150000.45.19.1
fixed
suse enterprise sap 12 SP5
4.0.9-44.59.1
fixed
suse enterprise sap 15
4.0.9-150000.45.19.1
fixed
suse enterprise sap 15 SP1
4.0.9-150000.45.19.1
fixed
suse enterprise sap 15 SP2
4.0.9-150000.45.19.1
fixed
suse enterprise sap 15 SP3
4.0.9-150000.45.19.1
fixed
suse enterprise sap 15 SP4
4.0.9-150000.45.19.1
fixed
suse enterprise sap 15 SP5
4.0.9-150000.45.19.1
fixed
suse enterprise sap 15 SP6
4.0.9-150000.45.19.1
fixed
suse enterprise sap 15 SP7
4.0.9-150000.45.19.1
fixed
suse enterprise server 12 SP2
4.0.9-44.59.1
fixed
suse enterprise server 12 SP3
4.0.9-44.59.1
fixed
suse enterprise server 12 SP4
4.0.9-44.59.1
fixed
suse enterprise server 12 SP5
4.0.9-44.59.1
fixed
suse enterprise server 15
4.0.9-150000.45.19.1
fixed
suse enterprise server 15 SP1
4.0.9-150000.45.19.1
fixed
suse enterprise server 15 SP2
4.0.9-150000.45.19.1
fixed
suse enterprise server 15 SP3
4.0.9-150000.45.19.1
fixed
suse enterprise server 15 SP4
4.0.9-150000.45.19.1
fixed
suse enterprise server 15 SP5
4.0.9-150000.45.19.1
fixed
suse enterprise server 15 SP6
4.0.9-150000.45.19.1
fixed
suse enterprise server 15 SP7
4.0.9-150000.45.19.1
fixed
libtiff5-32bit
suse enterprise desktop 15 SP4
4.0.9-150000.45.19.1
fixed
suse enterprise desktop 15 SP5
4.0.9-150000.45.19.1
fixed
suse enterprise desktop 15 SP6
4.0.9-150000.45.19.1
fixed
suse enterprise desktop 15 SP7
4.0.9-150000.45.19.1
fixed
suse enterprise sap 12 SP5
4.0.9-44.59.1
fixed
suse enterprise sap 15
4.0.9-150000.45.19.1
fixed
suse enterprise sap 15 SP1
4.0.9-150000.45.19.1
fixed
suse enterprise sap 15 SP2
4.0.9-150000.45.19.1
fixed
suse enterprise sap 15 SP4
4.0.9-150000.45.19.1
fixed
suse enterprise sap 15 SP5
4.0.9-150000.45.19.1
fixed
suse enterprise sap 15 SP6
4.0.9-150000.45.19.1
fixed
suse enterprise sap 15 SP7
4.0.9-150000.45.19.1
fixed
suse enterprise server 12 SP2
4.0.9-44.59.1
fixed
suse enterprise server 12 SP3
4.0.9-44.59.1
fixed
suse enterprise server 12 SP4
4.0.9-44.59.1
fixed
suse enterprise server 12 SP5
4.0.9-44.59.1
fixed
suse enterprise server 15
4.0.9-150000.45.19.1
fixed
suse enterprise server 15 SP1
4.0.9-150000.45.19.1
fixed
suse enterprise server 15 SP2
4.0.9-150000.45.19.1
fixed
suse enterprise server 15 SP4
4.0.9-150000.45.19.1
fixed
suse enterprise server 15 SP5
4.0.9-150000.45.19.1
fixed
suse enterprise server 15 SP6
4.0.9-150000.45.19.1
fixed
suse enterprise server 15 SP7
4.0.9-150000.45.19.1
fixed
libtiff6
suse enterprise desktop 15 SP6
4.6.0-150600.1.4
fixed
suse enterprise desktop 15 SP7
4.7.0-150600.3.8.1
fixed
suse enterprise sap 15 SP6
4.6.0-150600.1.4
fixed
suse enterprise sap 15 SP7
4.7.0-150600.3.8.1
fixed
suse enterprise server 15 SP6
4.6.0-150600.1.4
fixed
suse enterprise server 15 SP7
4.7.0-150600.3.8.1
fixed
libtiff6-32bit
suse enterprise desktop 15 SP6
4.6.0-150600.1.4
fixed
suse enterprise desktop 15 SP7
4.7.0-150600.3.8.1
fixed
suse enterprise sap 15 SP6
4.6.0-150600.1.4
fixed
suse enterprise sap 15 SP7
4.7.0-150600.3.8.1
fixed
suse enterprise server 15 SP6
4.6.0-150600.1.4
fixed
suse enterprise server 15 SP7
4.7.0-150600.3.8.1
fixed
tiff
suse enterprise sap 12 SP5
4.0.9-44.59.1
fixed
suse enterprise server 12 SP2
4.0.9-44.59.1
fixed
suse enterprise server 12 SP3
4.0.9-44.59.1
fixed
suse enterprise server 12 SP4
4.0.9-44.59.1
fixed
suse enterprise server 12 SP5
4.0.9-44.59.1
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
libtiff
RHEL 8
0:4.0.9-27.el8
fixed
RHEL 9
0:4.4.0-7.el9
fixed
libtiff-devel
RHEL 8
0:4.0.9-27.el8
fixed
RHEL 9
0:4.4.0-7.el9
fixed
libtiff-tools
RHEL 8
0:4.0.9-27.el8
fixed
RHEL 9
0:4.4.0-7.el9
fixed
Common Weakness Enumeration
References
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53137
https://gitlab.com/libtiff/libtiff/-/commit/227500897dfb07fb7d27f7aa570050e62617e3be
https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html
https://oss-fuzz.com/download?testcase_id=5738253143900160
https://security.netapp.com/advisory/ntap-20221215-0009/
https://support.apple.com/kb/HT213841
https://support.apple.com/kb/HT213843
https://vuldb.com/?id.213549
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53137
https://gitlab.com/libtiff/libtiff/-/commit/227500897dfb07fb7d27f7aa570050e62617e3be
https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html
https://oss-fuzz.com/download?testcase_id=5738253143900160
https://security.netapp.com/advisory/ntap-20221215-0009/
https://support.apple.com/kb/HT213841
https://support.apple.com/kb/HT213843
https://vuldb.com/?id.213549