openSUSE Security Update : tiff (openSUSE-2018-677)

Medium Nessus Plugin ID 110802

Synopsis

The remote openSUSE host is missing a security update.

Description

This update for tiff fixes the following issues :

These security issues were fixed :

- CVE-2017-18013: There was a NULL pointer Dereference in
the tif_print.c TIFFPrintDirectory function, as
demonstrated by a tiffinfo crash. (bsc#1074317)

- CVE-2018-10963: The TIFFWriteDirectorySec() function in
tif_dirwrite.c allowed remote attackers to cause a
denial of service (assertion failure and application
crash) via a crafted file, a different vulnerability
than CVE-2017-13726. (bsc#1092949)

- CVE-2018-7456: Prevent a NULL pointer dereference in the
function TIFFPrintDirectory when using the tiffinfo tool
to print crafted TIFF information, a different
vulnerability than CVE-2017-18013 (bsc#1082825)

- CVE-2017-11613: Prevent denial of service in the
TIFFOpen function. During the TIFFOpen process,
td_imagelength is not checked. The value of
td_imagelength can be directly controlled by an input
file. In the ChopUpSingleUncompressedStrip function, the
_TIFFCheckMalloc function is called based on
td_imagelength. If the value of td_imagelength is set
close to the amount of system memory, it will hang the
system or trigger the OOM killer (bsc#1082332)

- CVE-2018-8905: Prevent heap-based buffer overflow in the
function LZWDecodeCompat via a crafted TIFF file
(bsc#1086408)

- CVE-2016-8331: Prevent remote code execution because of
incorrect handling of TIFF images. A crafted TIFF
document could have lead to a type confusion
vulnerability resulting in remote code execution. This
vulnerability could have been be triggered via a TIFF
file delivered to the application using LibTIFF's tag
extension functionality (bsc#1007276)

- CVE-2016-3632: The _TIFFVGetField function allowed
remote attackers to cause a denial of service
(out-of-bounds write) or execute arbitrary code via a
crafted TIFF image (bsc#974621)

This update was imported from the SUSE:SLE-12:Update update project.

Solution

Update the affected tiff packages.

See Also

https://bugzilla.opensuse.org/show_bug.cgi?id=1007276

https://bugzilla.opensuse.org/show_bug.cgi?id=1074317

https://bugzilla.opensuse.org/show_bug.cgi?id=1082332

https://bugzilla.opensuse.org/show_bug.cgi?id=1082825

https://bugzilla.opensuse.org/show_bug.cgi?id=1086408

https://bugzilla.opensuse.org/show_bug.cgi?id=1092949

https://bugzilla.opensuse.org/show_bug.cgi?id=974621

Plugin Details

Severity: Medium

ID: 110802

File Name: openSUSE-2018-677.nasl

Version: 1.2

Type: local

Agent: unix

Published: 2018/06/29

Modified: 2018/09/04

Dependencies: 12634

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS v3.0

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:libtiff-devel, p-cpe:/a:novell:opensuse:libtiff-devel-32bit, p-cpe:/a:novell:opensuse:libtiff5, p-cpe:/a:novell:opensuse:libtiff5-32bit, p-cpe:/a:novell:opensuse:libtiff5-debuginfo, p-cpe:/a:novell:opensuse:libtiff5-debuginfo-32bit, p-cpe:/a:novell:opensuse:tiff, p-cpe:/a:novell:opensuse:tiff-debuginfo, p-cpe:/a:novell:opensuse:tiff-debugsource, cpe:/o:novell:opensuse:42.3

Patch Publication Date: 2018/06/28

Reference Information

CVE: CVE-2016-3632, CVE-2016-8331, CVE-2017-11613, CVE-2017-13726, CVE-2017-18013, CVE-2018-10963, CVE-2018-7456, CVE-2018-8905