Vulnerability Details : CVE-2022-0891
A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact
Vulnerability category: OverflowMemory CorruptionInformation leak
Exploit prediction scoring system (EPSS) score for CVE-2022-0891
Probability of exploitation activity in the next 30 days: 0.63%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 77 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2022-0891
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
5.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:N/A:P |
8.6
|
4.9
|
NIST |
|
6.1
|
MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H |
1.8
|
4.2
|
GitLab Inc. |
|
7.1
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H |
2.8
|
4.2
|
NIST |
CWE ids for CVE-2022-0891
-
The product writes data past the end, or before the beginning, of the intended buffer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2022-0891
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/
[SECURITY] Fedora 36 Update: libtiff-4.3.0-6.fc36 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
https://www.debian.org/security/2022/dsa-5108
Debian -- Security Information -- DSA-5108-1 tiffThird Party Advisory
-
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0891.json
2022/CVE-2022-0891.json · master · GitLab.org / cves · GitLabThird Party Advisory;VDB Entry
-
https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/232282fd8f9c21eefe8d2d2b96cdbbb172fe7b7c
tiffcrop: fix issue #380 and #382 heap buffer overflow in extractImageSection (232282fd) · Commits · freedesktop-sdk / mirrors / gitlab / libtiff / libtiff · GitLabPatch;Third Party Advisory
-
https://gitlab.com/libtiff/libtiff/-/issues/382
/tools/tiffcrop.c:6866 - Heap use after free in extractImageSection (#382) · Issues · libtiff / libtiff · GitLabExploit;Issue Tracking;Patch;Third Party Advisory
-
https://security.netapp.com/advisory/ntap-20221228-0008/
April 2022 LibTIFF Vulnerabilities in NetApp Products | NetApp Product SecurityThird Party Advisory
-
https://security.gentoo.org/glsa/202210-10
LibTIFF: Multiple Vulnerabilities (GLSA 202210-10) — Gentoo securityThird Party Advisory
-
https://gitlab.com/libtiff/libtiff/-/issues/380
/tools/tiffcrop.c:6866 - Heap buffer overflow in extractImageSection (#380) · Issues · libtiff / libtiff · GitLabExploit;Issue Tracking;Patch;Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/
[SECURITY] Fedora 35 Update: libtiff-4.3.0-6.fc35 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
Products affected by CVE-2022-0891
- cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
- cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*