English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 146377 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.12.2022.5714.1
Category:Ubuntu Local Security Checks
Title:Ubuntu: Security Advisory (USN-5714-1)
Summary:The remote host is missing an update for the 'tiff' package(s) announced via the USN-5714-1 advisory.
Description:Summary:
The remote host is missing an update for the 'tiff' package(s) announced via the USN-5714-1 advisory.

Vulnerability Insight:
It was discovered that LibTIFF incorrectly handled certain memory operations
when using tiffcrop. An attacker could trick a user into processing a specially
crafted tiff image file and potentially use this issue to cause a denial of
service. This issue only affected Ubuntu 22.10. (CVE-2022-2519, CVE-2022-2520,
CVE-2022-2521, CVE-2022-2953)

It was discovered that LibTIFF did not properly perform bounds checking in
certain operations when using tiffcrop. An attacker could trick a user into
processing a specially crafted tiff image file and potentially use this issue
to allow for information disclosure or to cause the application to crash. This
issue only affected to Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.
(CVE-2022-2867, CVE-2022-2868, CVE-2022-2869)

It was discovered that LibTIFF did not properly perform bounds checking in
certain operations when using tiffsplit. An attacker could trick a user into
processing a specially crafted tiff image file and potentially use this issue
to allow for information disclosure or to cause the application to crash. This
issue only affected to Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS,
Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-34526)

Chintan Shah discovered that LibTIFF incorrectly handled memory in certain
conditions when using tiffcrop. An attacker could trick a user into processing
a specially crafted image file and potentially use this issue to allow for
information disclosure or to cause the application to crash. This issue only
affected to Ubuntu 14.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04
LTS and Ubuntu 22.10. (CVE-2022-3570)

It was discovered that LibTIFF incorrectly handled memory in certain conditions
when using tiffcrop. An attacker could trick a user into processing a specially
crafted tiff file and potentially use this issue to cause a denial of service.
This issue only affected to Ubuntu 14.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04
LTS, Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2022-3598)

It was discovered that LibTIFF did not properly perform bounds checking in
certain operations when using tiffcrop. An attacker could trick a user into
processing a specially crafted tiff image file and potentially use this issue
to allow for information disclosure or to cause the application to crash.
(CVE-2022-3599)

It was discovered that LibTIFF did not properly perform bounds checking in
certain operations when using tiffcrop. An attacker could trick a user into
processing a specially crafted tiff image file and potentially use this issue
to allow for information disclosure or to cause the application to crash. This
issue only affected to Ubuntu 22.10. (CVE-2022-3597, CVE-2022-3626,
CVE-2022-3627)

Affected Software/OS:
'tiff' package(s) on Ubuntu 14.04, Ubuntu 16.04, Ubuntu 18.04, Ubuntu 20.04, Ubuntu 22.04, Ubuntu 22.10.

Solution:
Please install the updated package(s).

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2022-2519
DSA-5333
https://www.debian.org/security/2023/dsa-5333
https://gitlab.com/libtiff/libtiff/-/issues/423
https://gitlab.com/libtiff/libtiff/-/merge_requests/378
Common Vulnerability Exposure (CVE) ID: CVE-2022-2520
https://gitlab.com/libtiff/libtiff/-/issues/424
Common Vulnerability Exposure (CVE) ID: CVE-2022-2521
https://gitlab.com/libtiff/libtiff/-/issues/422
Common Vulnerability Exposure (CVE) ID: CVE-2022-2867
Debian Security Information: DSA-5333 (Google Search)
https://bugzilla.redhat.com/show_bug.cgi?id=2118847
https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html
Common Vulnerability Exposure (CVE) ID: CVE-2022-2868
https://bugzilla.redhat.com/show_bug.cgi?id=2118863
Common Vulnerability Exposure (CVE) ID: CVE-2022-2869
https://bugzilla.redhat.com/show_bug.cgi?id=2118869
Common Vulnerability Exposure (CVE) ID: CVE-2022-2953
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2953.json
https://gitlab.com/libtiff/libtiff/-/commit/48d6ece8389b01129e7d357f0985c8f938ce3da3
https://gitlab.com/libtiff/libtiff/-/issues/414
Common Vulnerability Exposure (CVE) ID: CVE-2022-34526
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FC6LWPAEKYJ57LSHX4SBFMLRMLOZTHIJ/
https://gitlab.com/libtiff/libtiff/-/issues/433
https://gitlab.com/libtiff/libtiff/-/issues/486
Common Vulnerability Exposure (CVE) ID: CVE-2022-3570
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3570.json
https://gitlab.com/libtiff/libtiff/-/commit/bd94a9b383d8755a27b5a1bc27660b8ad10b094c
https://gitlab.com/libtiff/libtiff/-/issues/381
https://gitlab.com/libtiff/libtiff/-/issues/386
Common Vulnerability Exposure (CVE) ID: CVE-2022-3597
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3597.json
https://gitlab.com/libtiff/libtiff/-/commit/236b7191f04c60d09ee836ae13b50f812c841047
https://gitlab.com/libtiff/libtiff/-/issues/413
Common Vulnerability Exposure (CVE) ID: CVE-2022-3598
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3598.json
https://gitlab.com/libtiff/libtiff/-/commit/cfbb883bf6ea7bedcb04177cc4e52d304522fdff
https://gitlab.com/libtiff/libtiff/-/issues/435
Common Vulnerability Exposure (CVE) ID: CVE-2022-3599
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3599.json
https://gitlab.com/libtiff/libtiff/-/commit/e813112545942107551433d61afd16ac094ff246
https://gitlab.com/libtiff/libtiff/-/issues/398
Common Vulnerability Exposure (CVE) ID: CVE-2022-3626
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3626.json
https://gitlab.com/libtiff/libtiff/-/issues/426
Common Vulnerability Exposure (CVE) ID: CVE-2022-3627
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3627.json
https://gitlab.com/libtiff/libtiff/-/issues/411
CopyrightCopyright (C) 2022 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.