Integer Overflow Vulnerability in GDAL and LibTIFF Products
CVE-2019-17546

8.8HIGH

Key Information:

Vendor

Libtiff

Status
Libtiff
Vendor
CVE Published:
14 October 2019

What is CVE-2019-17546?

An integer overflow vulnerability exists in the tif_getimage.c file of LibTIFF, specifically in versions up to 4.0.10, which is utilized by GDAL versions up to 3.0.1 and potentially other products. This flaw could allow attackers to trigger a heap-based buffer overflow by crafting a malicious RGBA image, resulting in a 'Negative-size-param' condition that can compromise the security of the application.

References

https://github.com/OSGeo/gdal/commit/21674033ee246f698887...
x_refsource_MISC
https://gitlab.com/libtiff/libtiff/commit/4bb584a35f87af4...
x_refsource_MISC
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16443
x_refsource_MISC

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.