Vulnerability Details : CVE-2017-11613
In LibTIFF 4.0.8, there is a denial of service vulnerability in the TIFFOpen function. A crafted input will lead to a denial of service attack. During the TIFFOpen process, td_imagelength is not checked. The value of td_imagelength can be directly controlled by an input file. In the ChopUpSingleUncompressedStrip function, the _TIFFCheckMalloc function is called based on td_imagelength. If we set the value of td_imagelength close to the amount of system memory, it will hang the system or trigger the OOM killer.
Vulnerability category: Input validationDenial of service
Products affected by CVE-2017-11613
- cpe:2.3:a:libtiff:libtiff:4.0.8:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-11613
1.24%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 85 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2017-11613
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:N/A:P |
8.6
|
2.9
|
NIST | |
6.5
|
MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
2.8
|
3.6
|
NIST |
CWE ids for CVE-2017-11613
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2017-11613
-
https://usn.ubuntu.com/3606-1/
USN-3606-1: LibTIFF vulnerabilities | Ubuntu security notices
-
https://lists.debian.org/debian-lts-announce/2018/05/msg00022.html
[SECURITY] [DLA 1391-1] tiff security update
-
https://gist.github.com/dazhouzhou/1a3b7400547f23fe316db303ab9b604f
poc ยท GitHubThird Party Advisory
-
https://www.debian.org/security/2018/dsa-4349
Debian -- Security Information -- DSA-4349-1 tiff
-
https://lists.debian.org/debian-lts-announce/2018/07/msg00002.html
[SECURITY] [DLA 1411-1] tiff security update
-
http://www.securityfocus.com/bid/99977
LibTIFF 'TIFFOpen()' Function Denial of Service VulnerabilityThird Party Advisory;VDB Entry
Jump to