Vulnerability CVE-2022-22844

Vulnerability Name:

CVE-2022-22844 (CCN-216977)

Assigned:

2022-01-04

Published:

2022-01-04

Updated:

2022-11-16

Summary:

LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field.

CVSS v3 Severity:

5.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
4.9 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:U/RC:R)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

5.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
4.9 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:U/RC:R)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

5.5 Medium (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
4.9 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:U/RC:R)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

4.6 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:N/I:N/A:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Complete

Vulnerability Type:

CWE-125

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2022-22844

Source: XF
Type: UNKNOWN
libtiff-cve202222844-dos(216977)

Source: CCN
Type: LibTIFF GIT Repository
tiffset: Global-buffer-overflow in _TIFFmemcpy, tif_unix.c:346

Source: MISC
Type: Exploit, Mitigation, Third Party Advisory
https://gitlab.com/libtiff/libtiff/-/issues/355

Source: MISC
Type: Exploit, Mitigation, Third Party Advisory
https://gitlab.com/libtiff/libtiff/-/merge_requests/287

Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20220306 [SECURITY] [DLA 2932-1] tiff security update

Source: GENTOO
Type: Third Party Advisory
GLSA-202210-10

Source: CONFIRM
Type: Third Party Advisory
https://security.netapp.com/advisory/ntap-20220311-0002/

Source: DEBIAN
Type: Third Party Advisory
DSA-5108

Source: CCN
Type: IBM Security Bulletin 6843949 (App Connect Enterprise Certified Container)
IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance may be vulnerable to denial of service due to CVE-2022-22844

Source: CCN
Type: IBM Security Bulletin 6855093 (Watson Discovery)
IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in LibTIFF

Source: CCN
Type: IBM Security Bulletin 6921283 (Robotic Process Automation for Cloud Pak)
Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak.

Vulnerable Configuration:

Configuration 1:

cpe:/a:libtiff:libtiff:4.3.0:*:*:*:*:*:*:*

Configuration 2:

cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:10.0:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:11.0:*:*:*:*:*:*:*

Configuration 3:

cpe:/a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*

Configuration RedHat 3:

cpe:/a:redhat:enterprise_linux:8::crb:*:*:*:*:*

Configuration RedHat 4:

cpe:/a:redhat:enterprise_linux:9:*:*:*:*:*:*:*

Configuration RedHat 5:

cpe:/a:redhat:enterprise_linux:9::appstream:*:*:*:*:*

Configuration RedHat 6:

cpe:/a:redhat:enterprise_linux:9::crb:*:*:*:*:*

Configuration CCN 1:

cpe:/a:libtiff:libtiff:4.3.0:*:*:*:*:*:*:*

AND

cpe:/a:ibm:app_connect_enterprise_certified_container:4.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:app_connect_enterprise_certified_container:4.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:robotic_process_automation_for_cloud_pak:21.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:app_connect_enterprise_certified_container:5.0:*:*:*:lts:*:*:*

OR cpe:/a:ibm:app_connect_enterprise_certified_container:5.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:app_connect_enterprise_certified_container:5.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:app_connect_enterprise_certified_container:6.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:app_connect_enterprise_certified_container:6.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:robotic_process_automation_for_cloud_pak:21.0.7:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:7682	P	libtiff-devel-4.0.9-150000.45.25.1 on GA media (Moderate)	2023-06-12
oval:com.redhat.rhsa:def:20228194	P	RHSA-2022:8194: libtiff security update (Moderate)	2022-11-15
oval:com.redhat.rhsa:def:20227585	P	RHSA-2022:7585: libtiff security update (Moderate)	2022-11-08
oval:org.opensuse.security:def:3749	P	perl-Mail-SpamAssassin-3.4.2-44.3.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3090	P	groff-1.22.2-5.287 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:94720	P	libtiff-devel-4.0.9-45.5.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:125802	P	Security update for tiff (Important)	2022-02-18
oval:org.opensuse.security:def:6165	P	Security update for tiff (Important)	2022-02-18
oval:org.opensuse.security:def:126965	P	Security update for tiff (Important)	2022-02-18
oval:org.opensuse.security:def:127363	P	Security update for tiff (Important)	2022-02-18
oval:org.opensuse.security:def:5347	P	Security update for tiff (Important)	2022-02-18
oval:org.opensuse.security:def:119107	P	Security update for tiff (Important)	2022-02-17
oval:org.opensuse.security:def:101633	P	Security update for tiff (Important)	2022-02-17
oval:org.opensuse.security:def:1083	P	Security update for tiff (Important)	2022-02-17
oval:org.opensuse.security:def:119305	P	Security update for tiff (Important)	2022-02-17
oval:org.opensuse.security:def:101761	P	Security update for tiff (Important)	2022-02-17
oval:org.opensuse.security:def:118810	P	Security update for tiff (Important)	2022-02-17
oval:org.opensuse.security:def:1530	P	Security update for tiff (Important)	2022-02-17
oval:org.opensuse.security:def:119488	P	Security update for tiff (Important)	2022-02-17
oval:org.opensuse.security:def:95379	P	Security update for tiff (Important)	2022-02-17
oval:org.opensuse.security:def:102094	P	Security update for tiff (Important)	2022-02-17
oval:org.opensuse.security:def:119000	P	Security update for tiff (Important)	2022-02-17
oval:org.opensuse.security:def:119673	P	Security update for tiff (Important)	2022-02-17
oval:org.opensuse.security:def:941	P	Security update for tiff (Important)	2022-02-17

BACK