CVE-2022-0562 log

Source
Severity Medium
Remote Yes
Type Denial of service
Description
Null source pointer passed as an argument to memcpy() function within TIFFReadDirectory() in tif_dirread.c in libtiff versions from 4.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file.
Group Package Affected Fixed Severity Status Ticket
AVG-2659 lib32-libtiff 4.3.0-1 4.3.0-2 High Fixed FS#74229
AVG-2658 libtiff 4.3.0-1 4.3.0-2 High Fixed FS#74229
Date Advisory Group Package Severity Type
05 Apr 2022 ASA-202204-6 AVG-2658 libtiff High multiple issues
References
https://gitlab.com/libtiff/libtiff/-/issues/362
https://gitlab.com/libtiff/libtiff/-/commit/561599c99f987dc32ae110370cfdd7df7975586b