Null source pointer passed as an argument to memcpy() function within TIFFReadDirectory() in tif_dirread.c in libtiff versions from 4.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, a fix is available with commit 561599c.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
No history.
Information
Published : 2022-02-11 18:15
Updated : 2024-11-21 06:38
NVD link : CVE-2022-0562
Mitre link : CVE-2022-0562
CVE.ORG link : CVE-2022-0562
JSON object : View
Products Affected
libtiff
- libtiff
fedoraproject
- fedora
debian
- debian_linux
netapp
- ontap_select_deploy_administration_utility
CWE
CWE-476
NULL Pointer Dereference