Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2022-0087)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2022.0087

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2022-0087)

Resumen: The remote host is missing an update for the 'libtiff' package(s) announced via the MGASA-2022-0087 advisory.

Descripción: Summary:
The remote host is missing an update for the 'libtiff' package(s) announced via the MGASA-2022-0087 advisory.

Vulnerability Insight:
Null source pointer passed as an argument to memcpy() function within
TIFFFetchStripThing() in tif_dirread.c in libtiff versions from 3.9.0 to
4.3.0 could lead to Denial of Service via crafted TIFF file.
(CVE-2022-0561)

Null source pointer passed as an argument to memcpy() function within
TIFFReadDirectory() in tif_dirread.c in libtiff versions from 4.0 to 4.3.0
could lead to Denial of Service via crafted TIFF file. (CVE-2022-0562)

Affected Software/OS:
'libtiff' package(s) on Mageia 8.

Solution:
Please install the updated package(s).

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2022-0561
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0561.json
Debian Security Information: DSA-5108 (Google Search)
https://www.debian.org/security/2022/dsa-5108
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DZEHZ35XVO2VBZ4HHCMM6J6TQIDSBQOM/
https://security.gentoo.org/glsa/202210-10
https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/eecb0712f4c3a5b449f70c57988260a667ddbdef
https://gitlab.com/libtiff/libtiff/-/issues/362
https://lists.debian.org/debian-lts-announce/2022/03/msg00001.html
Common Vulnerability Exposure (CVE) ID: CVE-2022-0562
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0562.json
https://gitlab.com/gitlab-org/build/omnibus-mirror/libtiff/-/commit/561599c99f987dc32ae110370cfdd7df7975586b

Copyright Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2022.0087
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2022-0087)
Resumen:	The remote host is missing an update for the 'libtiff' package(s) announced via the MGASA-2022-0087 advisory.
Descripción:	Summary: The remote host is missing an update for the 'libtiff' package(s) announced via the MGASA-2022-0087 advisory. Vulnerability Insight: Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_dirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. (CVE-2022-0561) Null source pointer passed as an argument to memcpy() function within TIFFReadDirectory() in tif_dirread.c in libtiff versions from 4.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. (CVE-2022-0562) Affected Software/OS: 'libtiff' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2022-0561 https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0561.json Debian Security Information: DSA-5108 (Google Search) https://www.debian.org/security/2022/dsa-5108 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DZEHZ35XVO2VBZ4HHCMM6J6TQIDSBQOM/ https://security.gentoo.org/glsa/202210-10 https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/eecb0712f4c3a5b449f70c57988260a667ddbdef https://gitlab.com/libtiff/libtiff/-/issues/362 https://lists.debian.org/debian-lts-announce/2022/03/msg00001.html Common Vulnerability Exposure (CVE) ID: CVE-2022-0562 https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0562.json https://gitlab.com/gitlab-org/build/omnibus-mirror/libtiff/-/commit/561599c99f987dc32ae110370cfdd7df7975586b
Copyright	Copyright (C) 2022 Greenbone AG