Untriaged
Permalink
CVE-2024-6716
4.3 MEDIUM
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): NONE
- User interaction (UI): REQUIRED
- Scope (S): UNCHANGED
- Confidentiality impact (C): NONE
- Integrity impact (I): NONE
- Availability impact (A): LOW
Libtiff: out-of-memory issue in tiffreadencodedstrip() may lead to denial of service
A flaw was found in libtiff. This flaw allows an attacker to create a crafted tiff file, forcing libtiff to allocate memory indefinitely. This issue can result in a denial of service of the system consuming libtiff due to memory starvation.
References
- https://access.redhat.com/security/cve/CVE-2024-6716 x_refsource_REDHAT vdb-entry
- RHBZ#2297636 issue-tracking x_refsource_REDHAT
- https://gitlab.com/libtiff/libtiff/-/issues/620
- https://gitlab.com/libtiff/libtiff/-/issues/620
- https://access.redhat.com/security/cve/CVE-2024-6716 x_refsource_REDHAT vdb-entry
- RHBZ#2297636 issue-tracking x_refsource_REDHAT
- https://access.redhat.com/security/cve/CVE-2024-6716 x_refsource_REDHAT vdb-entry
- RHBZ#2297636 issue-tracking x_refsource_REDHAT
- https://gitlab.com/libtiff/libtiff/-/issues/620
- https://access.redhat.com/security/cve/CVE-2024-6716 x_refsource_REDHAT vdb-entry
- RHBZ#2297636 issue-tracking x_refsource_REDHAT
- https://gitlab.com/libtiff/libtiff/-/issues/620
- https://access.redhat.com/security/cve/CVE-2024-6716 x_refsource_REDHAT vdb-entry
- RHBZ#2297636 issue-tracking x_refsource_REDHAT
- https://gitlab.com/libtiff/libtiff/-/issues/620
- https://gitlab.com/libtiff/libtiff/-/issues/620 x_transferred
- https://access.redhat.com/security/cve/CVE-2024-6716 x_refsource_REDHAT vdb-entry x_transferred
- RHBZ#2297636 issue-tracking x_refsource_REDHAT x_transferred
- RHBZ#2297636 issue-tracking x_refsource_REDHAT
- https://gitlab.com/libtiff/libtiff/-/issues/620
- https://access.redhat.com/security/cve/CVE-2024-6716 x_refsource_REDHAT vdb-entry
- https://access.redhat.com/security/cve/CVE-2024-6716 x_refsource_REDHAT vdb-entry x_transferred
- RHBZ#2297636 issue-tracking x_refsource_REDHAT x_transferred
- https://gitlab.com/libtiff/libtiff/-/issues/620 x_transferred
- https://gitlab.com/libtiff/libtiff/-/issues/620
- https://access.redhat.com/security/cve/CVE-2024-6716 x_refsource_REDHAT vdb-entry
- RHBZ#2297636 issue-tracking x_refsource_REDHAT
- https://access.redhat.com/security/cve/CVE-2024-6716 x_refsource_REDHAT vdb-entry x_transferred
- RHBZ#2297636 issue-tracking x_refsource_REDHAT x_transferred
- https://gitlab.com/libtiff/libtiff/-/issues/620 x_transferred
- https://security.netapp.com/advisory/ntap-20240808-0010/
Affected products
libtiff
mingw-libtiff
compat-libtiff3
Package maintainers
-
@sikmir Nikolay Korotkiy <sikmir@disroot.org>
-
@nh2 Niklas Hambüchen <mail@nh2.me>
-
@autra Augustin Trancart <augustin.trancart@gmail.com>
-
@willcohen Will Cohen
-
@l0b0 Victor Engmark <victor@engmark.name>
-
@nialov Nikolas Ovaskainen <nikolasovaskainen@gmail.com>
-
@imincik Ivan Mincik <ivan.mincik@gmail.com>