CVE-2018-7456

NameCVE-2018-7456
DescriptionA NULL Pointer Dereference occurs in the function TIFFPrintDirectory in tif_print.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 when using the tiffinfo tool to print crafted TIFF information, a different vulnerability than CVE-2017-18013. (This affects an earlier part of the TIFFPrintDirectory function that was not addressed by the CVE-2017-18013 patch.)
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
ReferencesDLA-1346-1, DLA-1347-1, DLA-1411-1, DSA-4349-1
NVD severitymedium
Debian Bugs891288

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
tiff (PTS)stretch (security), stretch4.0.8-2+deb9u5fixed
buster, buster (security)4.1.0+git191117-2~deb10u2fixed
bullseye, sid4.2.0-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
tiffsourcewheezy4.0.2-6+deb7u19DLA-1346-1
tiffsourcejessie4.0.3-12.3+deb8u6DLA-1411-1
tiffsourcestretch4.0.8-2+deb9u4DSA-4349-1
tiffsource(unstable)4.0.9-5891288
tiff3sourcewheezy3.9.6-11+deb7u10DLA-1347-1
tiff3source(unstable)(unfixed)

Notes

http://bugzilla.maptools.org/show_bug.cgi?id=2778
https://gitlab.com/libtiff/libtiff/commit/be4c85b16e8801a16eec25e80eb9f3dd6a96731b

Search for package or bug name: Reporting problems