PublicDateAtUSN: 2018-05-07
Candidate: CVE-2018-10779
PublicDate: 2018-05-07 07:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10779
 https://ubuntu.com/security/notices/USN-3906-1
 https://ubuntu.com/security/notices/USN-3906-2
Description:
 TIFFWriteScanline in tif_write.c in LibTIFF 3.8.2 has a heap-based buffer
 over-read, as demonstrated by bmp2tiff.
Ubuntu-Description:
Notes:
 mdeslaur> upstream removed the bmp2tiff utility in 4.0.7, but this issue
 mdeslaur> is in the library, not the utility
Bugs:
 http://bugzilla.maptools.org/show_bug.cgi?id=2788
Priority: low
Discovered-by:
Assigned-to: mdeslaur
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H [6.5 MEDIUM]


Patches_tiff:
 upstream: https://gitlab.com/libtiff/libtiff/commit/981e43ecae83935625c86c9118c0778c942c7048
upstream_tiff: needs-triage
precise/esm_tiff: released (3.9.5-2ubuntu1.12)
trusty_tiff: released (4.0.3-7ubuntu0.11)
trusty/esm_tiff: released (4.0.3-7ubuntu0.11)
xenial_tiff: released (4.0.6-1ubuntu0.6)
esm-infra/xenial_tiff: released (4.0.6-1ubuntu0.6)
artful_tiff: needed
bionic_tiff: released (4.0.9-5ubuntu0.2)
cosmic_tiff: released (4.0.9-6ubuntu0.2)
devel_tiff: not-affected (4.0.9-5)