libtiff's tiffcrop utility has a uint32_t underflow that can lead to out of bounds read and write. An attacker who supplies a crafted file to tiffcrop (likely via tricking a user to run tiffcrop on it with certain parameters) could cause a crash or in some cases, further exploitation.
Metrics
Affected Vendors & Products
Advisories
Source | ID | Title |
---|---|---|
![]() |
DLA-3278-1 | tiff security update |
![]() |
DSA-5333-1 | tiff security update |
![]() |
EUVD-2022-35101 | libtiff's tiffcrop utility has a uint32_t underflow that can lead to out of bounds read and write. An attacker who supplies a crafted file to tiffcrop (likely via tricking a user to run tiffcrop on it with certain parameters) could cause a crash or in some cases, further exploitation. |
![]() |
USN-5604-1 | LibTIFF vulnerabilities |
![]() |
USN-5714-1 | LibTIFF vulnerabilities |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.

Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2024-08-03T00:52:59.602Z
Reserved: 2022-08-16T00:00:00
Link: CVE-2022-2867

No data.

Status : Modified
Published: 2022-08-17T22:15:08.697
Modified: 2024-11-21T07:01:50.353
Link: CVE-2022-2867


No data.