CVE-2015-8665 in Ubuntu

CVE-2015-8665

Priority

Description

tif_getimage.c in LibTIFF 4.0.6 allows remote attackers to cause a denial
of service (out-of-bounds read) via the SamplesPerPixel tag in a TIFF
image.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665
http://www.openwall.com/lists/oss-security/2015/12/24/2
https://ubuntu.com/security/notices/USN-2939-1

Bugs

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=808968

Assigned-to

mdeslaur

Notes

Package

Source: tiff (LP Ubuntu Debian)

Upstream:	released (4.0.6-1)
Ubuntu 16.04 ESM:	not-affected (4.0.6-1)
Ubuntu 14.04 ESM:	released (4.0.3-7ubuntu0.4)
Ubuntu 20.04 FIPS Compliant:	not-affected (4.0.6-1)

Patches:

Upstream:

https://github.com/vadz/libtiff/commit/f94a29a822f5528d2334592760fbb7938f15eb55

More Information

Mitre
NVD
Launchpad
Debian

Updated: 2022-04-13 12:07:33 UTC (commit f411bd370d482ef4385c4e751d121a4055fbc009)