Null Pointer Dereference in LibTIFF's Fax2PS Tool Affects Multiple Users
CVE-2024-13978
2LOW
What is CVE-2024-13978?
A vulnerability in LibTIFF versions up to 4.7.0 affects the fax2ps component, specifically within the t2p_read_tiff_init function. This vulnerability can lead to a null pointer dereference, primarily local in nature, presenting a high complexity for potential exploitation. While the attack is challenging to execute, it is critical for users of LibTIFF to actively apply the provided patches to ensure their systems remain secure. Detailed information and the necessary patch can be found in the official repository.
Affected Version(s)
LibTIFF 4.0
LibTIFF 4.1
LibTIFF 4.2