cvelistv5 - cve-2023-2908

Source	URL	Tags
secalert@redhat.com	https://access.redhat.com/security/cve/CVE-2023-2908	Third Party Advisory
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=2218830	Issue Tracking, Third Party Advisory
secalert@redhat.com	https://gitlab.com/libtiff/libtiff/-/commit/9bd48f0dbd64fb94dc2b5b05238fde0bfdd4ff3f	Patch, Vendor Advisory
secalert@redhat.com	https://gitlab.com/libtiff/libtiff/-/merge_requests/479	Exploit, Vendor Advisory
secalert@redhat.com	https://lists.debian.org/debian-lts-announce/2023/07/msg00034.html	Third Party Advisory
secalert@redhat.com	https://security.netapp.com/advisory/ntap-20230731-0004/	Third Party Advisory

Vendor	Product
n/a	Libtiff
Red Hat	Red Hat Enterprise Linux 6
Red Hat	Red Hat Enterprise Linux 7
Red Hat	Red Hat Enterprise Linux 7
Red Hat	Red Hat Enterprise Linux 8
Red Hat	Red Hat Enterprise Linux 8
Red Hat	Red Hat Enterprise Linux 9
Fedora	Fedora
Fedora	Fedora
Fedora	Fedora
Fedora	Fedora

gsd-2023-2908

Vulnerability from gsd

Modified

2023-12-13 01:20

Details

A null pointer dereference issue was found in Libtiff's tif_dir.c file. This issue may allow an attacker to pass a crafted TIFF image file to the tiffcp utility which triggers a runtime error that causes undefined behavior. This will result in an application crash, eventually leading to a denial of service.

Aliases

CVE-2023-2908

Aliases

CVE-2023-2908

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2023-2908",
    "id": "GSD-2023-2908"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-2908"
      ],
      "details": "A null pointer dereference issue was found in Libtiff\u0027s tif_dir.c file. This issue may allow an attacker to pass a crafted TIFF image file to the tiffcp utility which triggers a runtime error that causes undefined behavior. This will result in an application crash, eventually leading to a denial of service.",
      "id": "GSD-2023-2908",
      "modified": "2023-12-13T01:20:31.530373Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2023-2908",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Libtiff",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "not down converted",
                          "x_cve_json_5_version_data": {
                            "versions": [
                              {
                                "status": "unaffected",
                                "version": "4.5.1rc1"
                              }
                            ]
                          }
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            },
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Red Hat Enterprise Linux 6",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "not down converted",
                          "x_cve_json_5_version_data": {
                            "defaultStatus": "unaffected"
                          }
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Red Hat Enterprise Linux 7",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "not down converted",
                          "x_cve_json_5_version_data": {
                            "defaultStatus": "unaffected"
                          }
                        },
                        {
                          "version_value": "not down converted",
                          "x_cve_json_5_version_data": {
                            "defaultStatus": "unaffected"
                          }
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Red Hat Enterprise Linux 8",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "not down converted",
                          "x_cve_json_5_version_data": {
                            "defaultStatus": "unaffected"
                          }
                        },
                        {
                          "version_value": "not down converted",
                          "x_cve_json_5_version_data": {
                            "defaultStatus": "unaffected"
                          }
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Red Hat Enterprise Linux 9",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "not down converted",
                          "x_cve_json_5_version_data": {
                            "defaultStatus": "unaffected"
                          }
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Red Hat"
            },
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Fedora",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "not down converted",
                          "x_cve_json_5_version_data": {
                            "defaultStatus": "affected"
                          }
                        },
                        {
                          "version_value": "not down converted",
                          "x_cve_json_5_version_data": {
                            "defaultStatus": "affected"
                          }
                        },
                        {
                          "version_value": "not down converted",
                          "x_cve_json_5_version_data": {
                            "defaultStatus": "affected"
                          }
                        },
                        {
                          "version_value": "not down converted",
                          "x_cve_json_5_version_data": {
                            "defaultStatus": "affected"
                          }
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Fedora"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A null pointer dereference issue was found in Libtiff\u0027s tif_dir.c file. This issue may allow an attacker to pass a crafted TIFF image file to the tiffcp utility which triggers a runtime error that causes undefined behavior. This will result in an application crash, eventually leading to a denial of service."
          }
        ]
      },
      "impact": {
        "cvss": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-476",
                "lang": "eng",
                "value": "NULL Pointer Dereference"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://access.redhat.com/security/cve/CVE-2023-2908",
            "refsource": "MISC",
            "url": "https://access.redhat.com/security/cve/CVE-2023-2908"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2218830",
            "refsource": "MISC",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2218830"
          },
          {
            "name": "https://gitlab.com/libtiff/libtiff/-/commit/9bd48f0dbd64fb94dc2b5b05238fde0bfdd4ff3f",
            "refsource": "MISC",
            "url": "https://gitlab.com/libtiff/libtiff/-/commit/9bd48f0dbd64fb94dc2b5b05238fde0bfdd4ff3f"
          },
          {
            "name": "https://gitlab.com/libtiff/libtiff/-/merge_requests/479",
            "refsource": "MISC",
            "url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/479"
          },
          {
            "name": "https://lists.debian.org/debian-lts-announce/2023/07/msg00034.html",
            "refsource": "MISC",
            "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00034.html"
          },
          {
            "name": "https://security.netapp.com/advisory/ntap-20230731-0004/",
            "refsource": "MISC",
            "url": "https://security.netapp.com/advisory/ntap-20230731-0004/"
          }
        ]
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "\u003c=4.5.0",
          "affected_versions": "All versions up to 4.5.0",
          "cvss_v3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-476",
            "CWE-937"
          ],
          "date": "2023-08-02",
          "description": "A null pointer dereference issue was discovered in Libtiff\u0027s tif_dir.c file. This flaw allows an attacker to pass a crafted TIFF image file to the tiffcp utility, which triggers runtime error, causing an undefined behavior, resulting in an application crash, eventually leading to a denial of service.",
          "fixed_versions": [
            "4.5.1"
          ],
          "identifier": "CVE-2023-2908",
          "identifiers": [
            "CVE-2023-2908"
          ],
          "not_impacted": "All versions after 4.5.0",
          "package_slug": "conan/libtiff",
          "pubdate": "2023-06-30",
          "solution": "Upgrade to version 4.5.1 or above.",
          "title": "NULL Pointer Dereference",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2023-2908",
            "https://access.redhat.com/security/cve/CVE-2023-2908",
            "https://bugzilla.redhat.com/show_bug.cgi?id=2218830",
            "https://gitlab.com/libtiff/libtiff/-/commit/9bd48f0dbd64fb94dc2b5b05238fde0bfdd4ff3f",
            "https://gitlab.com/libtiff/libtiff/-/merge_requests/479"
          ],
          "uuid": "05b06a66-2156-45b3-a518-93e2fffcd299"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.5.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2023-2908"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A null pointer dereference issue was found in Libtiff\u0027s tif_dir.c file. This issue may allow an attacker to pass a crafted TIFF image file to the tiffcp utility which triggers a runtime error that causes undefined behavior. This will result in an application crash, eventually leading to a denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-476"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://access.redhat.com/security/cve/CVE-2023-2908",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2023-2908"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2218830",
              "refsource": "MISC",
              "tags": [
                "Issue Tracking",
                "Third Party Advisory"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2218830"
            },
            {
              "name": "https://gitlab.com/libtiff/libtiff/-/commit/9bd48f0dbd64fb94dc2b5b05238fde0bfdd4ff3f",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "https://gitlab.com/libtiff/libtiff/-/commit/9bd48f0dbd64fb94dc2b5b05238fde0bfdd4ff3f"
            },
            {
              "name": "https://gitlab.com/libtiff/libtiff/-/merge_requests/479",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Vendor Advisory"
              ],
              "url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/479"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20230731-0004/",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://security.netapp.com/advisory/ntap-20230731-0004/"
            },
            {
              "name": "https://lists.debian.org/debian-lts-announce/2023/07/msg00034.html",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00034.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2023-08-02T15:41Z",
      "publishedDate": "2023-06-30T22:15Z"
    }
  }
}

wid-sec-w-2023-1605

Vulnerability from csaf_certbund

Published

2023-06-29 22:00

Modified

2023-08-15 22:00

Summary

libTIFF: Schwachstelle ermöglicht Denial of Service

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

libTIFF ist ein Softwarepaket für die Verarbeitung von Bilddateien in Tag Image File Format (TIFF).

Angriff

Ein entfernter, anonymer Angreifer kann eine Schwachstelle in libTIFF ausnutzen, um einen Denial of Service Angriff durchzuführen.

Betroffene Betriebssysteme

- UNIX - Linux - Windows - Sonstiges

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "libTIFF ist ein Softwarepaket f\u00fcr die Verarbeitung von Bilddateien in Tag Image File Format (TIFF).",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in libTIFF ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- UNIX\n- Linux\n- Windows\n- Sonstiges",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2023-1605 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1605.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2023-1605 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1605"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6290-1 vom 2023-08-16",
        "url": "https://ubuntu.com/security/notices/USN-6290-1"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-3513 vom 2023-08-01",
        "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00034.html"
      },
      {
        "category": "external",
        "summary": "PoC auf gitlab",
        "url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/479"
      },
      {
        "category": "external",
        "summary": "RedHat Bugzilla vom 2023-06-29",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2218830"
      }
    ],
    "source_lang": "en-US",
    "title": "libTIFF: Schwachstelle erm\u00f6glicht Denial of Service",
    "tracking": {
      "current_release_date": "2023-08-15T22:00:00.000+00:00",
      "generator": {
        "date": "2024-02-15T17:33:48.683+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.0"
        }
      },
      "id": "WID-SEC-W-2023-1605",
      "initial_release_date": "2023-06-29T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2023-06-29T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2023-07-31T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2023-08-15T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source libTIFF \u003c 4.5.1rc1",
            "product": {
              "name": "Open Source libTIFF \u003c 4.5.1rc1",
              "product_id": "T028372",
              "product_identification_helper": {
                "cpe": "cpe:/a:libtiff:libtiff:4.5.1rc1"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-2908",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in libTIFF. In der Datei tif_dir.c von Libtiff besteht ein Nullzeiger-Dereferenzierungsproblem. Bei der Verarbeitung einer manipulierten TIFF-Bilddatei im Dienstprogramm tiffcp kommt es zu einem Laufzeitfehler, der ein undefiniertes Verhalten verursacht, was zu einem Absturz der Anwendung f\u00fchrt. Ein Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T000126"
        ]
      },
      "release_date": "2023-06-29T22:00:00Z",
      "title": "CVE-2023-2908"
    }
  ]
}

ghsa-7278-8hvx-pp94

Vulnerability from github

Published

2023-07-01 00:30

Modified

2024-04-04 05:19

Severity

5.5 (Medium) - CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Details

A null pointer dereference issue was discovered in Libtiff's tif_dir.c file. This flaw allows an attacker to pass a crafted TIFF image file to the tiffcp utility, which triggers runtime error, causing an undefined behavior, resulting in an application crash, eventually leading to a denial of service.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2023-2908"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-06-30T22:15:10Z",
    "severity": "MODERATE"
  },
  "details": "A null pointer dereference issue was discovered in Libtiff\u0027s tif_dir.c file. This flaw allows an attacker to pass a crafted TIFF image file to the tiffcp utility, which triggers runtime error, causing an undefined behavior, resulting in an application crash, eventually leading to a denial of service.",
  "id": "GHSA-7278-8hvx-pp94",
  "modified": "2024-04-04T05:19:15Z",
  "published": "2023-07-01T00:30:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2908"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2023-2908"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2218830"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/libtiff/libtiff/-/commit/9bd48f0dbd64fb94dc2b5b05238fde0bfdd4ff3f"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/479"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00034.html"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20230731-0004"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Action not permitted

cve-2023-2908

Vulnerability from cvelistv5

gsd-2023-2908

Vulnerability from gsd

wid-sec-w-2023-1605

Vulnerability from csaf_certbund

ghsa-7278-8hvx-pp94

Vulnerability from github

Tags