CVE-2023-52355 - Vulnerability Details - OpenCVE

An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00119.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Libtiff	Libtiff
Redhat	Enterprise Linux

Configuration 1 [-]

cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:9.0:::::::*

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2023-57011	An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://access.redhat.com/security/cve/CVE-2023-52355
https://bugzilla.redhat.com/show_bug.cgi?id=2251326
https://gitlab.com/libtiff/libtiff/-/issues/621
https://nvd.nist.gov/vuln/detail/CVE-2023-52355
https://www.cve.org/CVERecord?id=CVE-2023-52355

History

Wed, 16 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.00119}`	epss `{'score': 0.00123}`

Tue, 17 Jun 2025 14:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2024-01-25T20:03:35.031Z

Updated: 2025-11-11T12:54:16.828Z

Reserved: 2024-01-24T14:08:49.010Z

Link: CVE-2023-52355

Vulnrichment

Updated: 2024-08-02T22:55:41.592Z

NVD

Status : Modified

Published: 2024-01-25T20:15:38.353

Modified: 2024-11-21T08:39:38.020

Link: CVE-2023-52355

Redhat

Severity : Moderate

Publid Date: 2023-11-03T00:00:00Z

Links: CVE-2023-52355 - Bugzilla

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2023-52355", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "state": "PUBLISHED", "assignerShortName": "redhat", "dateReserved": "2024-01-24T14:08:49.010Z", "datePublished": "2024-01-25T20:03:35.031Z", "dateUpdated": "2025-11-11T12:54:16.828Z"}, "containers": {"cna": {"title": "Libtiff: tiffrasterscanlinesize64 produce too-big size and could cause oom", "metrics": [{"other": {"content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}, "type": "Red Hat severity rating"}}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS"}], "descriptions": [{"lang": "en", "value": "An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB."}], "affected": [{"versions": [{"status": "affected", "version": "0", "lessThan": "4.6.0", "versionType": "semver"}], "packageName": "libtiff", "collectionURL": "https://gitlab.com/libtiff/libtiff", "defaultStatus": "unaffected"}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 6", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "libtiff", "defaultStatus": "unknown", "cpes": ["cpe:/o:redhat:enterprise_linux:6"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "compat-libtiff3", "defaultStatus": "unknown", "cpes": ["cpe:/o:redhat:enterprise_linux:7"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "libtiff", "defaultStatus": "unknown", "cpes": ["cpe:/o:redhat:enterprise_linux:7"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "compat-libtiff3", "defaultStatus": "affected", "cpes": ["cpe:/o:redhat:enterprise_linux:8"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "libtiff", "defaultStatus": "affected", "cpes": ["cpe:/o:redhat:enterprise_linux:8"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "libtiff", "defaultStatus": "affected", "cpes": ["cpe:/o:redhat:enterprise_linux:9"]}], "references": [{"url": "https://access.redhat.com/security/cve/CVE-2023-52355", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251326", "name": "RHBZ#2251326", "tags": ["issue-tracking", "x_refsource_REDHAT"]}, {"url": "https://gitlab.com/libtiff/libtiff/-/issues/621"}], "datePublic": "2023-11-03T00:00:00.000Z", "problemTypes": [{"descriptions": [{"cweId": "CWE-787", "description": "Out-of-bounds Write", "lang": "en", "type": "CWE"}]}], "x_redhatCweChain": "CWE-787: Out-of-bounds Write", "timeline": [{"lang": "en", "time": "2023-11-24T00:00:00+00:00", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2023-11-03T00:00:00+00:00", "value": "Made public."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2025-11-11T12:54:16.828Z"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T22:55:41.592Z"}, "title": "CVE Program Container", "references": [{"url": "https://access.redhat.com/security/cve/CVE-2023-52355", "tags": ["vdb-entry", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251326", "name": "RHBZ#2251326", "tags": ["issue-tracking", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://gitlab.com/libtiff/libtiff/-/issues/621", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-02-21T18:49:09.493075Z", "id": "CVE-2023-52355", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-17T13:44:08.059Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://access.redhat.com/security/cve/CVE-2023-52355", "tags": ["vdb-entry", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251326", "name": "RHBZ#2251326", "tags": ["issue-tracking", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://gitlab.com/libtiff/libtiff/-/issues/621", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T22:55:41.592Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52355", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-02-21T18:49:09.493075Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-17T13:44:01.770Z"}}], "cna": {"title": "Libtiff: tiffrasterscanlinesize64 produce too-big size and could cause oom", "metrics": [{"other": {"type": "Red Hat severity rating", "content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"versions": [{"status": "affected", "version": "0", "lessThan": "4.6.0", "versionType": "semver"}], "packageName": "libtiff", "collectionURL": "https://gitlab.com/libtiff/libtiff", "defaultStatus": "unaffected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:6"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 6", "packageName": "libtiff", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unknown"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:7"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7", "packageName": "compat-libtiff3", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unknown"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:7"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7", "packageName": "libtiff", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unknown"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:8"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "packageName": "compat-libtiff3", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:8"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "packageName": "libtiff", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:9"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "packageName": "libtiff", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}], "timeline": [{"lang": "en", "time": "2023-11-24T00:00:00+00:00", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2023-11-03T00:00:00+00:00", "value": "Made public."}], "datePublic": "2023-11-03T00:00:00.000Z", "references": [{"url": "https://access.redhat.com/security/cve/CVE-2023-52355", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251326", "name": "RHBZ#2251326", "tags": ["issue-tracking", "x_refsource_REDHAT"]}, {"url": "https://gitlab.com/libtiff/libtiff/-/issues/621"}], "descriptions": [{"lang": "en", "value": "An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-787", "description": "Out-of-bounds Write"}]}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2025-11-11T12:54:16.828Z"}, "x_redhatCweChain": "CWE-787: Out-of-bounds Write"}}, "cveMetadata": {"cveId": "CVE-2023-52355", "state": "PUBLISHED", "dateUpdated": "2025-11-11T12:54:16.828Z", "dateReserved": "2024-01-24T14:08:49.010Z", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "datePublished": "2024-01-25T20:03:35.031Z", "assignerShortName": "redhat"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*", "matchCriteriaId": "B37DB8C1-31DE-4D92-B4CD-EE365959F1D2", "versionEndExcluding": "4.6.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB."}, {"lang": "es", "value": "Se encontr\u00f3 un fallo de falta de memoria en libtiff que podr\u00eda activarse al pasar un archivo tiff dise\u00f1ado a la API TIFFRasterScanlineSize64(). Este fallo permite que un atacante remoto provoque una denegaci\u00f3n de servicio a trav\u00e9s de una entrada manipulada con un tama\u00f1o inferior a 379 KB."}], "id": "CVE-2023-52355", "lastModified": "2024-11-21T08:39:38.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "secalert@redhat.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-01-25T20:15:38.353", "references": [{"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/security/cve/CVE-2023-52355"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251326"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Issue Tracking"], "url": "https://gitlab.com/libtiff/libtiff/-/issues/621"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/security/cve/CVE-2023-52355"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251326"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking"], "url": "https://gitlab.com/libtiff/libtiff/-/issues/621"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "secalert@redhat.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "libtiff: TIFFRasterScanlineSize64 produce too-big size and could cause OOM", "id": "2251326", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251326"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-787", "details": ["An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB.", "An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB."], "name": "CVE-2023-52355", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "libtiff", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "compat-libtiff3", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "libtiff", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "compat-libtiff3", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "libtiff", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "libtiff", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2023-11-03T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-52355\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-52355\nhttps://gitlab.com/libtiff/libtiff/-/issues/621"], "statement": "The identified out-of-memory vulnerability in libtiff, triggered by a crafted TIFF file passed to the TIFFRasterScanlineSize64() API, presents a moderate severity concern rather than a important one due to several factors. Primarily, the exploit requires the crafted input to be smaller than 379 KB, imposing a limitation on the potential impact and reducing the likelihood of successful exploitation in practical scenarios. Furthermore, the nature of the vulnerability is limited to denial-of-service attacks, which, although disruptive, do not inherently pose a direct risk of data compromise or system compromise. However, it's important to acknowledge that denial-of-service attacks can still have significant operational implications, particularly in environments reliant on continuous availability.\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-787: Out-of-bounds Write vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\nThe platform enforces hardening guidelines to apply the most restrictive settings necessary for operational requirements. Baseline configurations and system controls ensure secure software settings, while least functionality reduces the attack surface by disabling unauthorized services and ports. The environment employs IPS/IDS and antimalware solutions to detect and prevent malicious code exploiting out-of-bounds write vulnerabilities, using mechanisms such as file integrity monitoring and patch management. Robust input validation and error handling ensure all user inputs are thoroughly validated, preventing instability, data exposure, or privilege escalation. Finally, the platform uses memory protection mechanisms such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) to strengthen resilience against out-of-bounds write exploits.", "threat_severity": "Moderate"}