CVE-2022-0909

CVSS v2.0

7.1

High

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions libtiff version 4.3.0

Description The issue is related to a Divide By Zero error in the tiffcrop function of libtiff, which allows attackers to cause a denial-of-service via a crafted tiff file. This can be exploited by a remote attacker to disrupt service.

Recommendations For libtiff version 4.3.0, the fix is available with commit f8d0f9aa for users who compile libtiff from sources.

Exploit

Fix

DoS

Divide By Zero

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-369

Related Identifiers

ALSA-2022:7585

ALSA-2022:8194

ALT-PU-2022-2007

ALT-PU-2025-7532

AZL-9022

BDU:2022-05719

CESA-2022_7585

CVE-2022-0909

DSA-5108-1

MGASA-2022-0119

OESA-2022-1607

OPENSUSE-SU-2022_1882-1

OPENSUSE-SU-2024:12057-1

RHSA-2022:7585

RHSA-2022:8194

RHSA-2022_7585

RHSA-2022_8194

RLSA-2022:7585

SUSE-SU-2022:1667-1

SUSE-SU-2022:1882-1

SUSE-SU-2022_1667-1

USN-5523-1

USN-5523-2

Affected Products

Alt Linux

Almalinux

Astra Linux

Centos

Linuxmint

Red Hat

Rocky Linux

Suse

Ubuntu

Libtiff

CVE-2022-0909

Weakness Enumeration

Related Identifiers

Affected Products

References · 108