CVE-2022-3599

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions LibTIFF version 4.4.0

Description The issue is related to an out-of-bounds read in the writeSingleSection function of the LibTIFF library, which can be exploited by attackers to cause a denial-of-service via a crafted tiff file.

Recommendations For version 4.4.0, users who compile libtiff from sources can apply the fix available with commit e8131125.

Exploit

Fix

DoS

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

ALSA-2023:2340

ALT-PU-2022-3360

ALT-PU-2022-3428

ALT-PU-2025-7185

ALT-PU-2025-7532

AZL-11286

AZL-44103

BDU:2023-05413

CVE-2022-3599

DLA-3278-1

DSA-5333-1

MGASA-2022-0424

OESA-2022-2020

OPENSUSE-SU-2022_4259-1

OPENSUSE-SU-2024:12510-1

RHSA-2023:2340

RHSA-2023_2340

SUSE-SU-2022:4248-1

SUSE-SU-2022:4259-1

USN-5714-1

Affected Products

Alt Linux

Almalinux

Astra Linux

Libtiff

Linuxmint

Red Hat

Suse

Ubuntu

CVE-2022-3599

Weakness Enumeration

Related Identifiers

Affected Products

References · 99