CVE-2023-41175

A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.
Configurations

Configuration 1 (hide)

cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:fedoraproject:fedora:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*

History

30 Apr 2024, 15:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-10-05 19:15

Updated : 2024-04-30 15:15


NVD link : CVE-2023-41175

Mitre link : CVE-2023-41175

CVE.ORG link : CVE-2023-41175


JSON object : View

Products Affected

fedoraproject

  • fedora

libtiff

  • libtiff

redhat

  • enterprise_linux
CWE
CWE-190

Integer Overflow or Wraparound

CWE-680

Integer Overflow to Buffer Overflow