Debian Security Advisory

DLA-1680-1 tiff -- LTS security update

Date Reported:
18 Feb 2019
Affected Packages:
Security database references:
In Mitre's CVE dictionary: CVE-2018-17000, CVE-2018-19210, CVE-2019-7663.
More information:

Brief introduction

  • CVE-2018-17000

    A NULL pointer dereference in the function _TIFFmemcmp at tif_unix.c (called from TIFFWriteDirectoryTagTransferfunction) allows an attacker to cause a denial-of-service through a crafted tiff file. This vulnerability can be triggered by the executable tiffcp.

  • CVE-2018-19210

    There is a NULL pointer dereference in the TIFFWriteDirectorySec function in tif_dirwrite.c that will lead to a denial of service attack, as demonstrated by tiffset.

  • CVE-2019-7663

    An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tif_dirwrite.c, affecting the cpSeparateBufToContigBuf function in tiffcp.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted tiff file.

    We believe this is the same as CVE-2018-17000 (above).

For Debian 8 Jessie, these problems have been fixed in version 4.0.3-12.3+deb8u8.

We recommend that you upgrade your tiff packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: