CVE-2019-12213

Priority
Description
When FreeImage 3.18.0 reads a special TIFF file, the TIFFReadDirectory
function in PluginTIFF.cpp always returns 1, leading to stack exhaustion.
Ubuntu-Description
It was discovered that FreeImage incorrectly processed images under
certain circumstances. If a user were tricked into opening a crafted TIFF
file, a remote attacker could possibly use this issue to cause a stack
exhaustion condition, resulting in a denial of service attack.
Notes
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):needs-triage
Ubuntu 16.04 LTS (Xenial Xerus):needs-triage
Ubuntu 18.04 LTS (Bionic Beaver):released (3.17.0+ds1-5+deb9u1build0.18.04.1)
Ubuntu 20.04 LTS (Focal Fossa):needed
Ubuntu 20.10 (Groovy Gorilla):not-affected (3.18.0+ds2-6ubuntu1)
More Information

Updated: 2020-10-06 20:14:28 UTC (commit 7efb916343184e96da89bec731a5a8bf3e56e17f)