CVE-2016-5102

Name: CVE-2016-5102
Description: Buffer overflow in the readgifimage function in gif2tiff.c in the gif2tiff tool in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (segmentation fault) via a crafted gif file.
Source: CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
References: DLA-693-1
NVD severity: medium

Vulnerable and fixed packages

The table below lists information on source packages.

| Source Package | Release | Version | Status |
|---|---|---|---|
| tiff (PTS) | stretch (security), stretch | 4.0.8-2+deb9u5 | fixed |
| | buster, buster (security) | 4.1.0+git191117-2~deb10u2 | fixed |
| | bullseye, sid | 4.2.0-1 | fixed |

The information below is based on the following data on fixed versions.

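| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| tiff | source | wheezy | 4.0.2-6+deb7u7 | | DLA-693-1 | |
| tiff | source | jessie | 4.0.3-12.3+deb8u2 | | | |
| tiff | source | (unstable) | 4.0.6-3 | | | |
| tiff3 | source | wheezy | (not affected) | | | |
| tiff3 | source | (unstable) | (unfixed) | unimportant | | |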

Notes

[wheezy] - tiff3 <not-affected> (Does not ship libtiff-tools)
http://bugzilla.maptools.org/show_bug.cgi?id=2552
confirmed this still crashes with latest CVS, version v4.0.6
also confirmed this crashes v4.0.2 in wheezy
Upstream will remove gif2tiff from 4.0.7 release
No patch available. Marked as wontfix by upstream
Reproducer http://bugs.fi/media/afl/libtiff/CVE-2016-5102.gif
gif2tiff was removed in 4.0.6-3 and DSA 3762, marking as fixed although technically still present in the source package
