Debian alert DLA-4315-1 (tiff)
From: Jochen Sprickerhof <jspricke@debian.org>
To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 4315-1] tiff security update
Date: Tue, 30 Sep 2025 09:20:57 +0200
Message-ID: <aNuE2Xgv4fIqJXAN@fenchel>
-------------------------------------------------------------------------
Debian LTS Advisory DLA-4315-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                   Jochen Sprickerhof
September 30, 2025                            https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package        : tiff
Version        : 4.2.0-1+deb11u7
CVE ID         : CVE-2024-13978 CVE-2025-9900
Debian Bug     :

Multiple vulnerabilities were fixed in tiff, a library and tools providing
support for the Tag Image File Format (TIFF).

CVE-2024-13978

    Affected by this vulnerability is the function t2p_read_tiff_init in
    the file tools/tiff2pdf.c of the component fax2ps. The manipulation
    leads to a NULL pointer dereference. The attack needs to be carried
    out locally; its complexity is rather high and exploitation appears
    to be difficult.

CVE-2025-9900

    This vulnerability is a "write-what-where" condition, triggered when
    the library processes a specially crafted TIFF image file. By
    providing an abnormally large image height value in the file's
    metadata, an attacker can trick the library into writing
    attacker-controlled colour data to an arbitrary memory location. This
    memory corruption can be exploited to cause a denial of service
    (application crash) or to achieve arbitrary code execution with the
    permissions of the user running the affected program.

For Debian 11 bullseye, these problems have been fixed in version
4.2.0-1+deb11u7.

We recommend that you upgrade your tiff packages.

For the detailed security status of tiff please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/tiff

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
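As an added illustration that is not part of the advisory and is not libtiff's code: a constructed C model of the bug class described for CVE-2025-9900. A strip decoder places rows bottom-up using the image height taken from the file header, while the output raster was allocated from a separate size; when the header height exceeds the raster, the row index points outside the allocation and the decoded colour data is written wherever that index lands. The type and function names (toy_header, toy_raster, dst_offset_vulnerable, dst_offset_hardened, put_row, vulnerable_write_escapes) are hypothetical, and the crafted header value is constructed for the demonstration. The vulnerable path only computes the offset and reports whether it escapes the raster; it never performs the out-of-bounds write.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of the bug class behind CVE-2025-9900, NOT libtiff code:
 * a strip decoder places rows bottom-up using the image height claimed in
 * the file header, while the output raster was allocated from a separate,
 * trusted size.  If the header height is larger than the raster, the row
 * index points outside the allocation and the decoded colour data lands
 * wherever that index says: a write-what-where driven by file metadata.
 * All type and function names below are hypothetical. */

typedef struct {
    uint32_t width;   /* from file metadata (ImageWidth) */
    uint32_t height;  /* from file metadata (ImageLength): attacker-controlled */
} toy_header;

typedef struct {
    uint32_t *pixels;   /* raster_w * raster_h entries */
    uint32_t  raster_w;
    uint32_t  raster_h; /* what the caller actually allocated */
} toy_raster;

/* Vulnerable placement: pixel offset for `row`, derived purely from the
 * header (bottom-up orientation).  Nothing relates it to the raster size,
 * and height == 0 would even wrap the subtraction. */
size_t dst_offset_vulnerable(const toy_header *hdr, uint32_t row)
{
    uint32_t dst_row = hdr->height - 1 - row;
    return (size_t)dst_row * hdr->width;
}

/* Hardened placement: reject geometry that does not fit the raster and
 * guard the multiplication.  Returns 0 and sets *off, or -1 to reject. */
int dst_offset_hardened(const toy_header *hdr, const toy_raster *r,
                        uint32_t row, size_t *off)
{
    if (hdr->width == 0 || hdr->height == 0) return -1;
    if (hdr->width != r->raster_w || hdr->height > r->raster_h) return -1;
    if (row >= hdr->height) return -1;
    if ((size_t)hdr->height > SIZE_MAX / hdr->width) return -1;
    size_t o = (size_t)(hdr->height - 1 - row) * hdr->width;
    if (o + hdr->width > (size_t)r->raster_w * r->raster_h) return -1;
    *off = o;
    return 0;
}

/* Copy one decoded row of colour data into the raster via the hardened path. */
int put_row(const toy_header *hdr, toy_raster *r, uint32_t row,
            const uint32_t *src)
{
    size_t off;
    if (dst_offset_hardened(hdr, r, row, &off) != 0) return -1;
    memcpy(r->pixels + off, src, (size_t)hdr->width * sizeof *src);
    return 0;
}

/* 1 if the vulnerable placement for (hdr, row) falls outside the raster,
 * i.e. the out-of-bounds write is reachable.  Only computes, never writes. */
int vulnerable_write_escapes(const toy_header *hdr, const toy_raster *r,
                             uint32_t row)
{
    size_t off   = dst_offset_vulnerable(hdr, row);
    size_t limit = (size_t)r->raster_w * r->raster_h;
    return off + hdr->width > limit;
}

int main(void)
{
    enum { W = 4, H = 4 };
    uint32_t buf[W * H] = {0};
    toy_raster r = { buf, W, H };
    uint32_t colour[W] = { 0xff0000ffu, 0xff0000ffu, 0xff0000ffu, 0xff0000ffu };
    toy_header benign  = { W, H };
    toy_header crafted = { W, 0x40000000u };  /* constructed: absurd ImageLength */

    printf("benign  row 0 -> offset %zu, escapes raster: %d\n",
           dst_offset_vulnerable(&benign, 0),
           vulnerable_write_escapes(&benign, &r, 0));
    printf("crafted row 0 -> offset %zu, escapes raster: %d\n",
           dst_offset_vulnerable(&crafted, 0),
           vulnerable_write_escapes(&crafted, &r, 0));
    printf("hardened accepts benign: %d, rejects crafted: %d\n",
           put_row(&benign, &r, 0, colour) == 0,
           put_row(&crafted, &r, 0, colour) == -1);
    return 0;
}
```

The point of the model is the one comparison the vulnerable path lacks: the header height is checked against the raster the caller actually allocated, and the width*height product is checked for wrap-around before it is used as an offset. Any decoder that sizes its destination from one source and indexes it from another needs the same check.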
Attachment: signature.asc (type=application/pgp-signature)
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEc7KZy9TurdzAF+h6W//cwljmlDMFAmjbhNkACgkQW//cwljm
lDM2phAAgbqxaa3GPNzRwzF3g5yz4nULnJHZ8wldPTr0Kwy0n9IbTB7p2VO9ttBw
B5+rG8T5K6NGRaEsEMJ5pi0VNC3yB3D8NdgSRlFLSWJEkRz4+91FX7pnWzd09cnt
PweNTgZ9sGKea4CiQhvHhT6ktZs4P3yJssRcR1vDjPIY0U/uCx5/C0KbltqXpkOo
c0bOSpqJjZR4i/SqV70Tny1Q1Wrp2FaNS9DleViiz3l3q+J1vZES7nTkQsmuTx0I
NihIPigDeqRs5XQ1+iSHVBHxzYsODZ4gt7atMriE/kKVFAVySB6NrH7xphVzWCy3
MQ+JPGgIZdOrWZabkxZGPJPC9jh53HKyyYi/M8vRQIog0996VP+I4sHBU1yaDydu
amVbG/dP5eo4iLBFwYDWq5fmfgS2nEQ1jasjJNEX6HZBy6nLhZ3BpDJaMmDebEuv
+AmRLyIIqxN1klr7v1wWk/K2sPhEUQLpwqlNWJ9p1CVlZ3N9nLYVCWkfQVziKzgV
+C2uDkmAHwmxx+lCmNb1dT2cSglbqmti5BRjZFnzHkc3L32Uokx0iouPQAz2aYwv
We+/NlDMgpsOWiaDUQgKxetpcMKRgRAitYkoG/0QmeaqD90WP/S9rFigWWv8zdhB
Ep4OvmZBD3FaXnugL1L4uQ9FJ8iNIMb/kYtzuBaaxYVC4TQ2VYw=
=jZVG
-----END PGP SIGNATURE-----