Vulnerability CVE-2022-0924

Vulnerability Name:

CVE-2022-0924 (CCN-221654)

Assigned:

2021-07-23

Published:

2021-07-23

Updated:

2022-11-16

Summary:

Out-of-bounds Read error in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 408976c4.

CVSS v3 Severity:

5.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
5.0 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

5.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
5.0 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

6.1 Medium (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H)
5.5 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H/E:P/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): None Availibility (A): High

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

4.6 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:N/I:N/A:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Complete

Vulnerability Type:

CWE-125

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2022-0924

Source: XF
Type: UNKNOWN
libtiff-cve20220924-dos(221654)

Source: CONFIRM
Type: Third Party Advisory
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0924.json

Source: CCN
Type: libtiff GIT Repository
libtiff

Source: CCN
Type: GitLab Web site
Heap buffer overflow in cpContigBufToSeparateBuf, tiffcp.c:1373

Source: MISC
Type: Exploit, Third Party Advisory
https://gitlab.com/libtiff/libtiff/-/issues/278

Source: MISC
Type: Patch, Third Party Advisory
https://gitlab.com/libtiff/libtiff/-/merge_requests/311

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2022-c39720a0ed

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2022-e2996202a0

Source: GENTOO
Type: Third Party Advisory
GLSA-202210-10

Source: CONFIRM
Type: Third Party Advisory
https://security.netapp.com/advisory/ntap-20220506-0002/

Source: DEBIAN
Type: Third Party Advisory
DSA-5108

Source: CCN
Type: IBM Security Bulletin 6843939 (App Connect Enterprise Certified Container)
IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance may be vulnerable to denial of service due to CVE-2022-0924

Source: CCN
Type: IBM Security Bulletin 6855099 (Watson Discovery)
IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in LibTIFF

Source: CCN
Type: IBM Security Bulletin 6921283 (Robotic Process Automation for Cloud Pak)
Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak.

Vulnerable Configuration:

Configuration 1:

cpe:/a:libtiff:libtiff:4.3.0:*:*:*:*:*:*:*

Configuration 2:

cpe:/o:debian:debian_linux:10.0:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:11.0:*:*:*:*:*:*:*

OR cpe:/o:fedoraproject:fedora:35:*:*:*:*:*:*:*

OR cpe:/o:fedoraproject:fedora:36:*:*:*:*:*:*:*

Configuration 3:

cpe:/a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*

Configuration RedHat 3:

cpe:/a:redhat:enterprise_linux:8::crb:*:*:*:*:*

Configuration RedHat 4:

cpe:/a:redhat:enterprise_linux:9:*:*:*:*:*:*:*

Configuration RedHat 5:

cpe:/a:redhat:enterprise_linux:9::appstream:*:*:*:*:*

Configuration RedHat 6:

cpe:/a:redhat:enterprise_linux:9::crb:*:*:*:*:*

Configuration CCN 1:

cpe:/a:libtiff:libtiff:4.3.0:*:*:*:*:*:*:*

AND

cpe:/a:ibm:app_connect_enterprise_certified_container:4.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:app_connect_enterprise_certified_container:4.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:robotic_process_automation_for_cloud_pak:21.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:app_connect_enterprise_certified_container:5.0:*:*:*:lts:*:*:*

OR cpe:/a:ibm:app_connect_enterprise_certified_container:5.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:app_connect_enterprise_certified_container:5.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:app_connect_enterprise_certified_container:6.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:app_connect_enterprise_certified_container:6.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:robotic_process_automation_for_cloud_pak:21.0.7:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:7682	P	libtiff-devel-4.0.9-150000.45.25.1 on GA media (Moderate)	2023-06-12
oval:com.redhat.rhsa:def:20228194	P	RHSA-2022:8194: libtiff security update (Moderate)	2022-11-15
oval:com.redhat.rhsa:def:20227585	P	RHSA-2022:7585: libtiff security update (Moderate)	2022-11-08
oval:org.opensuse.security:def:3737	P	pam_krb5-2.4.4-4.4 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3605	P	libical1-1.0.1-16.3.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:119592	P	Security update for tiff (Important)	2022-05-30
oval:org.opensuse.security:def:95367	P	Security update for tiff (Important)	2022-05-30
oval:org.opensuse.security:def:904	P	Security update for tiff (Important)	2022-05-30
oval:org.opensuse.security:def:118911	P	Security update for tiff (Important)	2022-05-30
oval:org.opensuse.security:def:500	P	Security update for tiff (Important)	2022-05-30
oval:org.opensuse.security:def:1073	P	Security update for tiff (Important)	2022-05-30
oval:org.opensuse.security:def:119217	P	Security update for tiff (Important)	2022-05-30
oval:org.opensuse.security:def:42393	P	Security update for tiff (Important)	2022-05-30
oval:org.opensuse.security:def:1517	P	Security update for tiff (Important)	2022-05-30
oval:org.opensuse.security:def:119407	P	Security update for tiff (Important)	2022-05-30
oval:org.opensuse.security:def:95235	P	Security update for tiff (Important)	2022-05-30
oval:org.opensuse.security:def:118721	P	Security update for tiff (Important)	2022-05-30
oval:org.opensuse.security:def:5238	P	Security update for tiff (Important)	2022-05-16
oval:org.opensuse.security:def:6036	P	Security update for tiff (Important)	2022-05-16

BACK