In LibTIFF 4.0.8, there is a heap-based use-after-free in the t2p_writeproc function in tiff2pdf.c. NOTE: there is a third-party report of inability to reproduce this issue
Use After Free
Use After Free
-
Package | Type | OS Name | OS Version | Affected Ranges | Fix Versions |
---|---|---|---|---|---|
debian/tiff | deb | debian | 12 | >=4.5.0-6+deb12u1 | Not yet available |
debian/tiff | deb | debian | unstable | >=4.5.1+git230720-4 | Not yet available |
debian/tiff | deb | debian | 10 | >=4.1.0+git191117-2~deb10u4 | Not yet available |
debian/tiff | deb | debian | 11 | >=4.2.0-1+deb11u5 | Not yet available |
debian/tiff | deb | debian | 13 | >=4.5.1+git230720-4 | Not yet available |
Severity and metrics
No CVSS data available from this source.
2.8
2.8
3.9
3.9
-
-