Vulnerability Details : CVE-2022-1355
A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffcp tool, triggering a stack buffer overflow issue, possibly corrupting the memory, and causing a crash that leads to a denial of service.
Vulnerability category: OverflowDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2022-1355
Probability of exploitation activity in the next 30 days: 0.06%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 25 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2022-1355
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Source |
|---|---|---|---|---|---|
|
6.1
|
MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H |
1.8
|
4.2
|
nvd@nist.gov |
CWE ids for CVE-2022-1355
-
The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.Assigned by: nvd@nist.gov (Secondary)
-
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).Assigned by: secalert@redhat.com (Primary)
References for CVE-2022-1355
-
https://security.netapp.com/advisory/ntap-20221014-0007/
August 2022 LibTIFF Vulnerabilities in NetApp Products | NetApp Product SecurityThird Party Advisory
-
https://access.redhat.com/security/cve/CVE-2022-1355
CVE-2022-1355- Red Hat Customer PortalIssue Tracking;Third Party Advisory
-
https://gitlab.com/libtiff/libtiff/-/merge_requests/323
tiffcp: avoid buffer overflow in "mode" string (fixes #400) (!323) · Merge requests · libtiff / libtiff · GitLabIssue Tracking;Patch;Third Party Advisory
-
https://gitlab.com/libtiff/libtiff/-/issues/400
AddressSanitizer: stack-buffer-overflow /home/lin/Downloads/libtiff/tools/tiffcp.c:289 in main (#400) · Issues · libtiff / libtiff · GitLabExploit;Issue Tracking;Patch;Third Party Advisory
-
https://bugzilla.redhat.com/show_bug.cgi?id=2074415
2074415 – (CVE-2022-1355) CVE-2022-1355 libtiff: stack-buffer-overflow in tiffcp.c in main()Exploit;Issue Tracking;Third Party Advisory
-
https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html
[SECURITY] [DLA 3278-1] tiff security updateMailing List;Third Party Advisory
-
https://security.gentoo.org/glsa/202210-10
LibTIFF: Multiple Vulnerabilities (GLSA 202210-10) — Gentoo securityThird Party Advisory
-
https://www.debian.org/security/2023/dsa-5333
Debian -- Security Information -- DSA-5333-1 tiffThird Party Advisory
Products affected by CVE-2022-1355
- cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*