Vulnerabilities > CVE-2022-1354

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
local
low complexity
libtiff
fedoraproject
redhat
netapp
debian
NVD
Published: 2022-08-31
Updated: 2024-11-21

Summary

A heap buffer overflow flaw was found in Libtiffs' tiffinfo.c in TIFFReadRawDataStriped() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffinfo tool, triggering a heap buffer overflow issue and causing a crash that leads to a denial of service.

Vulnerable Configurations

Part Description Count
Application
Libtiff
80
Application
Netapp
1
OS
Fedoraproject
3
OS
Redhat
1
OS
Debian
2

References