Vulnerability Description
tif_predict.h and tif_predict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual tile size like YCbCr with subsampling. Reported as MSVR 35105, aka "Predictor heap-buffer-overflow."
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Libtiff | Libtiff | 4.0.6 |
Related Weaknesses (CWE)
References
- http://rhn.redhat.com/errata/RHSA-2017-0225.html
- http://www.debian.org/security/2017/dsa-3844
- http://www.securityfocus.com/bid/94484 (Third Party Advisory, VDB Entry)
- http://www.securityfocus.com/bid/94744
- https://github.com/vadz/libtiff/commit/3ca657a8793dd011bf869695d72ad31c779c3cc1 (Issue Tracking, Patch, Third Party Advisory)
- https://github.com/vadz/libtiff/commit/6a984bf7905c6621281588431f384e79d11a2e33 (Issue Tracking, Patch, Third Party Advisory)
FAQ
What is CVE-2016-9535?
CVE-2016-9535 is a vulnerability with a CVSS score of 9.8 (CRITICAL). tif_predict.h and tif_predict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual tile size like YCbCr ...
How severe is CVE-2016-9535?
CVE-2016-9535 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2016-9535?
Check the references section above for vendor advisories and patch information; the two libtiff commits listed there are tagged as the patch. Affected product: Libtiff (vendor Libtiff), version 4.0.6.