In LibTIFF 4.0.9, a heap-based buffer overflow occurs in the function LZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as demonstrated by tiff2ps.

Metrics

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.01142.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Canonical
  • Ubuntu Linux
Debian
  • Debian Linux
Libtiff
  • Libtiff
Redhat
  • Enterprise Linux
  • Enterprise Linux Desktop
  • Enterprise Linux Server
  • Enterprise Linux Workstation

Configuration 1 [-]

cpe:2.3:a:libtiff:libtiff:4.0.9:*:*:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 3 [-]

OR cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*

Configuration 4 [-]

OR cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
Package CPE Advisory Released Date
Red Hat Enterprise Linux 7
libtiff-0:4.0.3-32.el7 cpe:/o:redhat:enterprise_linux:7 RHSA-2019:2053 2019-08-06T00:00:00Z

No data.

Advisories
Source ID Title
Debian DLA Debian DLA DLA-1377-1 tiff security update
Debian DLA Debian DLA DLA-1378-1 tiff3 security update
Debian DLA Debian DLA DLA-1411-1 tiff security update
Debian DSA Debian DSA DSA-4349-1 tiff security update
EUVD EUVD EUVD-2018-20513 In LibTIFF 4.0.9, a heap-based buffer overflow occurs in the function LZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as demonstrated by tiff2ps.
Ubuntu USN Ubuntu USN USN-3864-1 LibTIFF vulnerabilities
Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
http://bugzilla.maptools.org/show_bug.cgi?id=2780 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2019:2053 cve-icon cve-icon
https://github.com/halfbitteam/POCs/tree/master/libtiff-4.08_tiff2ps_heap_overflow cve-icon cve-icon
https://gitlab.com/libtiff/libtiff/commit/58a898cb4459055bb488ca815c23b880c242a27d cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2018/05/msg00008.html cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2018/05/msg00009.html cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2018/07/msg00002.html cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2018-8905 cve-icon
https://usn.ubuntu.com/3864-1/ cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2018-8905 cve-icon
https://www.debian.org/security/2018/dsa-4349 cve-icon cve-icon
History

Sun, 13 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.01038}

 epss

{'score': 0.00766}

Sat, 12 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.0109}

 epss

{'score': 0.01038}
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-05T07:10:46.630Z

Reserved: 2018-03-21T00:00:00

Link: CVE-2018-8905

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-03-22T04:29:00.483

Modified: 2024-11-21T04:14:34.440

Link: CVE-2018-8905

cve-icon Redhat

Severity : Low

Publid Date: 2018-03-17T00:00:00Z

Links: CVE-2018-8905 - Bugzilla

cve-icon OpenCVE Enrichment

No data.