CVE-2023-3618 - OpenCVE

A flaw was found in libtiff. A specially crafted tiff file can lead to a segmentation fault due to a buffer overflow in the Fax3Encode function in libtiff/tif_fax3.c, resulting in a denial of service.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Debian	Debian Linux
Redhat	Enterprise Linux
Libtiff	Libtiff

Configuration 1 [-]

cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:debian:debian_linux:10.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:9.0:::::::*

References

Link	Resource
https://access.redhat.com/security/cve/CVE-2023-3618	Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2215865	Issue Tracking Third Party Advisory
https://lists.debian.org/debian-lts-announce/2023/07/msg00034.html	Mailing List Third Party Advisory
https://security.netapp.com/advisory/ntap-20230824-0012/
https://support.apple.com/kb/HT214036
https://support.apple.com/kb/HT214037
https://support.apple.com/kb/HT214038

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2023-07-12T14:06:04.572Z

Updated: 2023-08-08T16:50:48.957Z

Reserved: 2023-07-11T14:46:05.545Z

Link: CVE-2023-3618

JSON object: View

NVD Information

Status : Modified

Published: 2023-07-12T15:15:09.060

Modified: 2024-03-23T11:15:43.670

Link: CVE-2023-3618

JSON object: View

Redhat Information

No data.

CWE

CWE-120

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-3618", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "state": "PUBLISHED", "assignerShortName": "redhat", "dateReserved": "2023-07-11T14:46:05.545Z", "datePublished": "2023-07-12T14:06:04.572Z", "dateUpdated": "2023-08-08T16:50:48.957Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "product": "libtiff", "vendor": "n/a"}, {"collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": ["cpe:/o:redhat:enterprise_linux:6"], "defaultStatus": "unknown", "packageName": "libtiff", "product": "Red Hat Enterprise Linux 6", "vendor": "Red Hat"}, {"collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": ["cpe:/o:redhat:enterprise_linux:7"], "defaultStatus": "unknown", "packageName": "compat-libtiff3", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat"}, {"collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": ["cpe:/o:redhat:enterprise_linux:7"], "defaultStatus": "unknown", "packageName": "libtiff", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat"}, {"collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "affected", "packageName": "compat-libtiff3", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat"}, {"collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "affected", "packageName": "libtiff", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat"}, {"collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "affected", "packageName": "libtiff", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat"}, {"collectionURL": "https://packages.fedoraproject.org/", "defaultStatus": "affected", "packageName": "iv", "product": "Fedora", "vendor": "Fedora"}, {"collectionURL": "https://packages.fedoraproject.org/", "defaultStatus": "affected", "packageName": "libtiff", "product": "Fedora", "vendor": "Fedora"}, {"collectionURL": "https://packages.fedoraproject.org/", "defaultStatus": "affected", "packageName": "mingw-libtiff", "product": "Fedora", "vendor": "Fedora"}, {"collectionURL": "https://packages.fedoraproject.org/", "defaultStatus": "unaffected", "packageName": "tkimg", "product": "Fedora", "vendor": "Fedora"}], "datePublic": "2023-02-13T00:00:00Z", "descriptions": [{"lang": "en", "value": "A flaw was found in libtiff. A specially crafted tiff file can lead to a segmentation fault due to a buffer overflow in the Fax3Encode function in libtiff/tif_fax3.c, resulting in a denial of service."}], "metrics": [{"other": {"content": {"namespace": "https://access.redhat.com/security/updates/classification/", "value": "Moderate"}, "type": "Red Hat severity rating"}}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS"}], "problemTypes": [{"descriptions": [{"cweId": "CWE-120", "description": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2023-08-08T16:50:48.957Z"}, "references": [{"tags": ["vdb-entry", "x_refsource_REDHAT"], "url": "https://access.redhat.com/security/cve/CVE-2023-3618"}, {"name": "RHBZ#2215865", "tags": ["issue-tracking", "x_refsource_REDHAT"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215865"}, {"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00034.html"}, {"url": "https://security.netapp.com/advisory/ntap-20230824-0012/"}, {"url": "https://support.apple.com/kb/HT214038"}, {"url": "https://support.apple.com/kb/HT214036"}, {"url": "https://support.apple.com/kb/HT214037"}], "timeline": [{"lang": "en", "time": "2023-06-19T00:00:00Z", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2023-02-13T00:00:00Z", "value": "Made public."}], "title": "Segmentation fault in fax3encode in libtiff/tif_fax3.c", "x_redhatCweChain": "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*", "matchCriteriaId": "4133F7CE-3597-4F03-B3E4-3EA0BB5ADE64", "versionEndExcluding": "4.5.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in libtiff. A specially crafted tiff file can lead to a segmentation fault due to a buffer overflow in the Fax3Encode function in libtiff/tif_fax3.c, resulting in a denial of service."}], "id": "CVE-2023-3618", "lastModified": "2024-03-23T11:15:43.670", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "secalert@redhat.com", "type": "Secondary"}]}, "published": "2023-07-12T15:15:09.060", "references": [{"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/security/cve/CVE-2023-3618"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215865"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00034.html"}, {"source": "secalert@redhat.com", "url": "https://security.netapp.com/advisory/ntap-20230824-0012/"}, {"source": "secalert@redhat.com", "url": "https://support.apple.com/kb/HT214036"}, {"source": "secalert@redhat.com", "url": "https://support.apple.com/kb/HT214037"}, {"source": "secalert@redhat.com", "url": "https://support.apple.com/kb/HT214038"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-120"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-120"}], "source": "secalert@redhat.com", "type": "Secondary"}]}