tiff: memory-based DoS in tiff2bw (CVE-2017-16232)
LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow
attackers to cause a denial of service (memory consumption), as
demonstrated
by tif_open.c, tif_lzw.c, and tif_aux.c
References:
http://seclists.org/oss-sec/2017/q4/168
http://openwall.com/lists/oss-security/2017/11/01/3
(from redmine: issue id 8144, created on 2017-11-14, closed on 2017-11-23)
- Relations:
- child #8145 (closed)
- child #8146 (closed)
- child #8147 (closed)
- child #8148 (closed)
- child #8149 (closed)