Bug 1208229 (CVE-2023-0798) - VUL-1: CVE-2023-0798: tiff: out of bounds read due to incorrect image rotation
Summary: VUL-1: CVE-2023-0798: tiff: out of bounds read due to incorrect image rotation
Status: RESOLVED FIXED
Alias: CVE-2023-0798
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P4 - Low : Normal
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/357008/
Whiteboard: CVSSv3.1:SUSE:CVE-2023-0798:3.3:(AV:L...
Keywords:
Depends on:
Blocks:
 
Reported: 2023-02-14 09:30 UTC by Carlos López
Modified: 2023-06-22 07:55 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Carlos López 2023-02-14 09:30:18 UTC
CVE-2023-0798

LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3400,
allowing attackers to cause a denial-of-service via a crafted tiff file. For
users that compile libtiff from sources, the fix is available with commit
afaabc3e.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0798
https://www.cve.org/CVERecord?id=CVE-2023-0798
https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0798.json
https://gitlab.com/libtiff/libtiff/-/issues/492
https://gitlab.com/libtiff/libtiff/-/commit/afaabc3e50d4e5d80a94143f7e3c997e7e410f68
Comment 1 Carlos López 2023-02-14 09:37:53 UTC
This looks like it is the same bug as bnc#1208226. Therefore, it should only affect:
- SUSE:SLE-12:Update
- SUSE:SLE-15:Update
- openSUSE:Factory
Comment 2 OBSbugzilla Bot 2023-02-22 15:45:09 UTC
This is an autogenerated message for OBS integration:
This bug (1208229) was mentioned in
https://build.opensuse.org/request/show/1067182 Factory / tiff
Comment 5 Maintenance Automation 2023-05-30 16:30:25 UTC
SUSE-SU-2023:2321-1: An update that solves 10 vulnerabilities can now be installed.

Category: security (moderate)
Bug References: 1208226, 1208227, 1208228, 1208229, 1208230, 1208231, 1208232, 1208233, 1208234, 1208236
CVE References: CVE-2023-0795, CVE-2023-0796, CVE-2023-0797, CVE-2023-0798, CVE-2023-0799, CVE-2023-0800, CVE-2023-0801, CVE-2023-0802, CVE-2023-0803, CVE-2023-0804
Sources used:
SUSE Linux Enterprise Software Development Kit 12 SP5 (src): tiff-4.0.9-44.68.1
SUSE Linux Enterprise High Performance Computing 12 SP5 (src): tiff-4.0.9-44.68.1
SUSE Linux Enterprise Server 12 SP5 (src): tiff-4.0.9-44.68.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): tiff-4.0.9-44.68.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 6 Maintenance Automation 2023-05-31 08:30:01 UTC
SUSE-SU-2023:2334-1: An update that solves 10 vulnerabilities can now be installed.

Category: security (moderate)
Bug References: 1208226, 1208227, 1208228, 1208229, 1208230, 1208231, 1208232, 1208233, 1208234, 1208236
CVE References: CVE-2023-0795, CVE-2023-0796, CVE-2023-0797, CVE-2023-0798, CVE-2023-0799, CVE-2023-0800, CVE-2023-0801, CVE-2023-0802, CVE-2023-0803, CVE-2023-0804
Sources used:
openSUSE Leap Micro 5.3 (src): tiff-4.0.9-150000.45.28.1
openSUSE Leap 15.4 (src): tiff-4.0.9-150000.45.28.1
openSUSE Leap 15.5 (src): tiff-4.0.9-150000.45.28.1
SUSE Linux Enterprise Micro for Rancher 5.3 (src): tiff-4.0.9-150000.45.28.1
SUSE Linux Enterprise Micro 5.3 (src): tiff-4.0.9-150000.45.28.1
SUSE Linux Enterprise Micro for Rancher 5.4 (src): tiff-4.0.9-150000.45.28.1
SUSE Linux Enterprise Micro 5.4 (src): tiff-4.0.9-150000.45.28.1
Basesystem Module 15-SP4 (src): tiff-4.0.9-150000.45.28.1
Basesystem Module 15-SP5 (src): tiff-4.0.9-150000.45.28.1
SUSE Package Hub 15 15-SP4 (src): tiff-4.0.9-150000.45.28.1
SUSE Package Hub 15 15-SP5 (src): tiff-4.0.9-150000.45.28.1
SUSE Linux Enterprise Real Time 15 SP3 (src): tiff-4.0.9-150000.45.28.1
SUSE Linux Enterprise Micro 5.2 (src): tiff-4.0.9-150000.45.28.1
SUSE Linux Enterprise Micro for Rancher 5.2 (src): tiff-4.0.9-150000.45.28.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 7 Carlos López 2023-06-22 07:55:08 UTC
Done, closing.