CVE-2018-7456

NameCVE-2018-7456
DescriptionA NULL Pointer Dereference occurs in the function TIFFPrintDirectory in tif_print.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 when using the tiffinfo tool to print crafted TIFF information, a different vulnerability than CVE-2017-18013. (This affects an earlier part of the TIFFPrintDirectory function that was not addressed by the CVE-2017-18013 patch.)
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDLA-1346-1, DLA-1347-1, DLA-1411-1, DSA-4349-1
Debian Bugs891288

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
tiff (PTS)buster4.1.0+git191117-2~deb10u4fixed
buster (security)4.1.0+git191117-2~deb10u9fixed
bullseye (security), bullseye4.2.0-1+deb11u5fixed
bookworm, bookworm (security)4.5.0-6+deb12u1fixed
sid, trixie4.5.1+git230720-4fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
tiffsourcewheezy4.0.2-6+deb7u19DLA-1346-1
tiffsourcejessie4.0.3-12.3+deb8u6DLA-1411-1
tiffsourcestretch4.0.8-2+deb9u4DSA-4349-1
tiffsource(unstable)4.0.9-5891288
tiff3sourcewheezy3.9.6-11+deb7u10DLA-1347-1
tiff3source(unstable)(unfixed)

Notes

http://bugzilla.maptools.org/show_bug.cgi?id=2778
https://gitlab.com/libtiff/libtiff/commit/be4c85b16e8801a16eec25e80eb9f3dd6a96731b

Search for package or bug name: Reporting problems