summaryrefslogtreecommitdiffstats
path: root/meta/recipes-multimedia/libtiff/tiff/CVE-2023-52355-0002.patch
Commit message (Collapse)AuthorAgeFilesLines
* tiff: fix CVE-2023-52355 and CVE-2023-52356Yogita Urade2024-02-221-0/+28
CVE-2023-52355: An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB. Issue fixed by providing a documentation update. CVE-2023-52356: A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service. References: https://nvd.nist.gov/vuln/detail/CVE-2023-52355 https://security-tracker.debian.org/tracker/CVE-2023-52355 https://gitlab.com/libtiff/libtiff/-/issues/621 https://gitlab.com/libtiff/libtiff/-/merge_requests/553 https://nvd.nist.gov/vuln/detail/CVE-2023-52356 https://gitlab.com/libtiff/libtiff/-/issues/622 https://gitlab.com/libtiff/libtiff/-/merge_requests/546 (From OE-Core rev: 71348662169be9737b10fbd305646df9295a07f6) Signed-off-by: Yogita Urade <yogita.urade@windriver.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 831d7a2fffb3dec94571289292f0940bc7ecd70a) Signed-off-by: Steve Sakoman <steve@sakoman.com>