Test ID:	1.3.6.1.4.1.25623.1.1.2.2023.1427
Category:	Huawei EulerOS Local Security Checks
Title:	Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2023-1427)
Summary:	The remote host is missing an update for the Huawei EulerOS 'libtiff' package(s) announced via the EulerOS-SA-2023-1427 advisory.
Description:	Summary: The remote host is missing an update for the Huawei EulerOS 'libtiff' package(s) announced via the EulerOS-SA-2023-1427 advisory. Vulnerability Insight: A vulnerability was found in LibTIFF. It has been classified as critical. This affects the function TIFFReadRGBATileExt of the file libtiff/tif_getimage.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 227500897dfb07fb7d27f7aa570050e62617e3be. It is recommended to apply a patch to fix this issue. The identifier VDB-213549 was assigned to this vulnerability.(CVE-2022-3970) Affected Software/OS: 'libtiff' package(s) on Huawei EulerOS V2.0SP11(x86_64). Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2022-3970 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53137 https://gitlab.com/libtiff/libtiff/-/commit/227500897dfb07fb7d27f7aa570050e62617e3be https://oss-fuzz.com/download?testcase_id=5738253143900160 https://vuldb.com/?id.213549 https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html
Copyright	Copyright (C) 2023 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.