PT-2021-6706 · Libtiff+7 · Libtiff+7

Jontsang

Published

2021-09-07

Updated

2024-06-15

CVE-2020-19131

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions LibTiff version 4.0.10

Description The issue is related to a buffer overflow in the invertImage() function of the tiffcrop component. This allows attackers to cause a denial of service. The exploitation of this issue can be done remotely.

Recommendations For LibTiff version 4.0.10, consider disabling the invertImage() function in the tiffcrop component as a temporary workaround until a patch is available.

Exploit

Fix

DoS

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

ALSA-2022:1810

BDU:2022-02065

CESA-2022_1810

CVE-2020-19131

DLA-2777-1

OPENSUSE-SU-2022:0480-1

OPENSUSE-SU-2022_0480-1

OPENSUSE-SU-2024:13381-1

RHSA-2022:1810

RHSA-2022_1810

RLSA-2022:1810

SUSE-SU-2022:0480-1

SUSE-SU-2022:0496-1

USN-5523-1

USN-5619-1

Affected Products

Almalinux

Centos

Libtiff

Linuxmint

Red Hat

Rocky Linux

Suse

Ubuntu

PT-2021-6706 · Libtiff+7 · Libtiff+7

CVE-2020-19131

Weakness Enumeration

Related Identifiers

Affected Products

References · 73