CVE-2023-0801 - Vulnerability Details

CVE-2023-0801 - libtiff: out-of-bounds write in _TIFFmemcpy() in libtiff/tif_unix.c when called by functions in tools/tiffcrop.c

LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6778, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00022.

Exploitation poc

Automatable no

Technical Impact partial

Vendors	Products
Libtiff	Libtiff
Redhat	Enterprise Linux

Configuration 1 [-]

cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 8
libtiff-0:4.0.9-29.el8_8	cpe:/a:redhat:enterprise_linux:8	RHSA-2023:5353	2023-09-26T00:00:00Z
Red Hat Enterprise Linux 9
libtiff-0:4.4.0-8.el9_2	cpe:/a:redhat:enterprise_linux:9	RHSA-2023:3711	2023-06-21T00:00:00Z

No data.

Advisories

Source	ID	Title
Debian DLA	DLA-3333-1	tiff security update
Debian DSA	DSA-5361-1	tiff security update
EUVD	EUVD-2023-12806	LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6778, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.
Ubuntu USN	USN-5923-1	LibTIFF vulnerabilities

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0801.json
https://gitlab.com/libtiff/libtiff/-/commit/33aee1275d9d1384791d2206776eb8152d397f00
https://gitlab.com/libtiff/libtiff/-/issues/498
https://lists.debian.org/debian-lts-announce/2023/02/msg00026.html
https://nvd.nist.gov/vuln/detail/CVE-2023-0801
https://security.gentoo.org/glsa/202305-31
https://security.netapp.com/advisory/ntap-20230316-0002/
https://www.cve.org/CVERecord?id=CVE-2023-0801
https://www.debian.org/security/2023/dsa-5361

History

Fri, 21 Mar 2025 19:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: GitLab

Published: 2023-02-13T00:00:00.000Z

Updated: 2025-03-21T19:00:43.776Z

Reserved: 2023-02-12T00:00:00.000Z

Link: CVE-2023-0801

Vulnrichment

Updated: 2024-08-02T05:24:34.481Z

NVD

Status : Modified

Published: 2023-02-13T23:15:12.370

Modified: 2025-03-21T19:15:42.127

Link: CVE-2023-0801

Redhat

Severity : Moderate

Publid Date: 2023-02-12T00:00:00Z

Links: CVE-2023-0801 - Bugzilla

OpenCVE Enrichment

No data.

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact High

User Interaction None

Exploitation poc

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object