PT-2025-31878 · Libtiff · Libtiff

Rootsec · Published 2025-08-04 · Updated 2025-08-05 · CVE-2025-8534

CVSS v3.1: 2.5

Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions:

libtiff version 4.6.0

Description:

A problematic issue exists in libtiff due to a null pointer dereference in the `PS_Lvl2page` function within the `tiff2ps` component (file `tools/tiff2ps.c`). The issue occurs when the `DEFER_STRILE_LOAD` option is enabled or the `TIFFOpen` function is used with the "rD" option. Exploitation is considered difficult, but the exploit has been publicly disclosed.

Recommendations:

Apply the patch 6ba36f159fd396ad11bf6b7874554197736ecc8b to resolve this issue.

Exploit

Fix

NULL Pointer Dereference

Improper Resource Release

Weakness Enumeration

Related Identifiers

CVE-2025-8534

Affected Products

Libtiff