PT-2024-1465 · Libtiff+11 · Libtiff+11

Yisumi

Published

2023-11-03

Updated

2026-04-10

CVE-2023-52356

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions LibTIFF (affected versions not specified)

Description The issue is related to a segment fault (SEGV) flaw in the LibTIFF library, specifically in the TIFFReadRGBATileExt() API endpoint. This flaw can be triggered by passing a crafted TIFF file, allowing a remote attacker to cause a heap-buffer overflow, which can lead to a denial of service. The vulnerability is associated with a buffer overflow in memory, potentially enabling a remote attacker to disrupt service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Memory Corruption

Heap Based Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-122

Related Identifiers

ALSA-2024:5079

ALSA-2026:7081

ALT-PU-2025-7532

ALT-PU-2025-8255

AZL-34077

AZL-34955

AZL-43891

AZL-45204

BDU:2024-00967

CESA-2024_5079

CVE-2023-52356

DLA-3758-1

DLA-4026-1

INFSA-2024_5079

INFSA-2025_20801

MGASA-2024-0055

OPENSUSE-SU-2024:13627-1

OPENSUSE-SU-2025_0753-1

RHSA-2024:5079

RHSA-2024_5079

RHSA-2025:20801

RHSA-2025_20801

RHSA-2026:5958

RHSA-2026:7081

RHSA-2026:7304

RLSA-2024:5079

SUSE-SU-2024:0593-1

SUSE-SU-2024:0594-1

SUSE-SU-2024_0593-1

SUSE-SU-2024_0594-1

SUSE-SU-2025:0753-1

SUSE-SU-2025:20971-1

SUSE-SU-2025:21037-1

USN-6644-1

USN-6644-2

Affected Products

Alt Linux

Almalinux

Astra Linux

Centos

Libtiff

Linuxmint

Apple Macos

Red Hat

Red Os

Rocky Linux

Suse

Ubuntu

PT-2024-1465 · Libtiff+11 · Libtiff+11

CVE-2023-52356

Weakness Enumeration

Related Identifiers

Affected Products

References · 146