CVE-2023-52356 - Vulnerability Details - OpenCVE

A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00717.

Exploitation poc

Automatable yes

Technical Impact partial

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

unaffected

Version	Status	Constraints
`0`	affected	< 4.6.0

Red Hat

Red Hat Enterprise Linux 8

affected

Version	Status	Constraints
`0:4.0.9-32.el8_10`	unaffected	< *

Red Hat

Red Hat Enterprise Linux 9

affected

Version	Status	Constraints
`0:4.4.0-15.el9`	unaffected	< *

Red Hat

Red Hat AI Inference Server 3.2

affected

Version	Status	Constraints
`sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b`	unaffected	< *

Red Hat

Red Hat AI Inference Server 3.2

affected

Version	Status	Constraints
`sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57`	unaffected	< *

Red Hat

Red Hat AI Inference Server 3.2

affected

Version	Status	Constraints
`sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b`	unaffected	< *

Red Hat

Red Hat AI Inference Server 3.2

affected

Version	Status	Constraints
`sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f`	unaffected	< *

Red Hat

Red Hat AI Inference Server 3.2

affected

Version	Status	Constraints
`sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a`	unaffected	< *

Red Hat

Red Hat Discovery 2

affected

Version	Status	Constraints
`sha256:310df392f638ef6eca1a26db024ae2cb617db5932f886d2acddc92fb7289e740`	unaffected	< *

Red Hat Red Hat Enterprise Linux 10 affected —

Red Hat Red Hat Enterprise Linux 6 unknown —

Red Hat Red Hat Enterprise Linux 7 unknown —

Red Hat Red Hat Enterprise Linux 7 unknown —

Red Hat Red Hat Enterprise Linux 8 affected —

Configuration 1 [-]

cpe:2.3:a:libtiff:libtiff:-:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:9.0:::::::*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 8
libtiff-0:4.0.9-32.el8_10	cpe:/a:redhat:enterprise_linux:8	RHSA-2024:5079	2024-08-07T00:00:00Z

No data.

Project Subscriptions

Vendors	Products
Libtiff Subscribe	Libtiff Subscribe
Redhat Subscribe	Ai Inference Server Subscribe Discovery Subscribe Enterprise Linux Subscribe

Advisories

Source	ID	Title
Debian DLA	DLA-3758-1	tiff security update
Debian DLA	DLA-4026-1	tiff security update
EUVD	EUVD-2023-57012	A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service.
Ubuntu USN	USN-6644-1	LibTIFF vulnerabilities
Ubuntu USN	USN-6644-2	LibTIFF vulnerabilities

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
http://seclists.org/fulldisclosure/2024/Jul/16
http://seclists.org/fulldisclosure/2024/Jul/17
http://seclists.org/fulldisclosure/2024/Jul/18
http://seclists.org/fulldisclosure/2024/Jul/19
http://seclists.org/fulldisclosure/2024/Jul/20
http://seclists.org/fulldisclosure/2024/Jul/21
http://seclists.org/fulldisclosure/2024/Jul/22
http://seclists.org/fulldisclosure/2024/Jul/23
https://access.redhat.com/errata/RHSA-2024:5079
https://access.redhat.com/errata/RHSA-2025:20801
https://access.redhat.com/errata/RHSA-2025:21994
https://access.redhat.com/errata/RHSA-2025:23078
https://access.redhat.com/errata/RHSA-2025:23079
https://access.redhat.com/errata/RHSA-2025:23080
https://access.redhat.com/errata/RHSA-2026:3461
https://access.redhat.com/errata/RHSA-2026:3462
https://access.redhat.com/security/cve/CVE-2023-52356
https://bugzilla.redhat.com/show_bug.cgi?id=2251344
https://gitlab.com/libtiff/libtiff/-/issues/622
https://gitlab.com/libtiff/libtiff/-/merge_requests/546
https://lists.debian.org/debian-lts-announce/2024/03/msg00011.html
https://lists.debian.org/debian-lts-announce/2025/01/msg00019.html
https://nvd.nist.gov/vuln/detail/CVE-2023-52356
https://support.apple.com/kb/HT214116
https://support.apple.com/kb/HT214117
https://support.apple.com/kb/HT214118
https://support.apple.com/kb/HT214119
https://support.apple.com/kb/HT214120
https://support.apple.com/kb/HT214122
https://support.apple.com/kb/HT214123
https://support.apple.com/kb/HT214124
https://www.cve.org/CVERecord?id=CVE-2023-52356

History

Fri, 27 Feb 2026 16:45:00 +0000

Type	Values Removed	Values Added
References		https://access.redhat.com/errata/RHSA-2026:3461 https://access.redhat.com/errata/RHSA-2026:3462

Tue, 10 Feb 2026 17:30:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/o:redhat:enterprise_linux:10

Wed, 10 Dec 2025 19:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat ai Inference Server
CPEs		cpe:/a:redhat:ai_inference_server:3.2::el9
Vendors & Products		Redhat ai Inference Server
References		https://access.redhat.com/errata/RHSA-2025:23078 https://access.redhat.com/errata/RHSA-2025:23079 https://access.redhat.com/errata/RHSA-2025:23080

Mon, 24 Nov 2025 21:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat discovery
CPEs		cpe:/a:redhat:discovery:2::el9
Vendors & Products		Redhat discovery
References		https://access.redhat.com/errata/RHSA-2025:21994

Tue, 11 Nov 2025 16:45:00 +0000

Type	Values Removed	Values Added
CPEs	~~cpe:/o:redhat:enterprise_linux:9~~	cpe:/a:redhat:enterprise_linux:9::appstream cpe:/a:redhat:enterprise_linux:9::crb
References		https://access.redhat.com/errata/RHSA-2025:20801

Mon, 03 Nov 2025 21:30:00 +0000

Type	Values Removed	Values Added
References		https://lists.debian.org/debian-lts-announce/2025/01/msg00019.html

Wed, 16 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.00263}`	epss `{'score': 0.0027}`

Tue, 17 Jun 2025 22:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Fri, 22 Nov 2024 12:00:00 +0000

Type	Values Removed	Values Added
References		http://seclists.org/fulldisclosure/2024/Jul/16 http://seclists.org/fulldisclosure/2024/Jul/17 http://seclists.org/fulldisclosure/2024/Jul/18 http://seclists.org/fulldisclosure/2024/Jul/19 http://seclists.org/fulldisclosure/2024/Jul/20 http://seclists.org/fulldisclosure/2024/Jul/21 http://seclists.org/fulldisclosure/2024/Jul/22 http://seclists.org/fulldisclosure/2024/Jul/23 https://lists.debian.org/debian-lts-announce/2024/03/msg00011.html https://support.apple.com/kb/HT214116 https://support.apple.com/kb/HT214117 https://support.apple.com/kb/HT214118 https://support.apple.com/kb/HT214119 https://support.apple.com/kb/HT214120 https://support.apple.com/kb/HT214122 https://support.apple.com/kb/HT214123 https://support.apple.com/kb/HT214124

Mon, 16 Sep 2024 20:45:00 +0000

Type	Values Removed	Values Added
References	http://seclists.org/fulldisclosure/2024/Jul/16 http://seclists.org/fulldisclosure/2024/Jul/17 http://seclists.org/fulldisclosure/2024/Jul/18 http://seclists.org/fulldisclosure/2024/Jul/19 http://seclists.org/fulldisclosure/2024/Jul/20 http://seclists.org/fulldisclosure/2024/Jul/21 http://seclists.org/fulldisclosure/2024/Jul/22 http://seclists.org/fulldisclosure/2024/Jul/23 https://lists.debian.org/debian-lts-announce/2024/03/msg00011.html https://support.apple.com/kb/HT214116 https://support.apple.com/kb/HT214117 https://support.apple.com/kb/HT214118 https://support.apple.com/kb/HT214119 https://support.apple.com/kb/HT214120 https://support.apple.com/kb/HT214122 https://support.apple.com/kb/HT214123 https://support.apple.com/kb/HT214124

Wed, 07 Aug 2024 22:45:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:enterprise_linux:8

Wed, 07 Aug 2024 16:15:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:enterprise_linux:8::appstream cpe:/a:redhat:enterprise_linux:8::crb
References		https://access.redhat.com/errata/RHSA-2024:5079

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2024-01-25T20:03:40.971Z

Updated: 2026-02-27T17:05:04.387Z

Reserved: 2024-01-24T14:08:49.010Z

Link: CVE-2023-52356

Vulnrichment

Updated: 2025-11-03T20:36:13.850Z

NVD

Status : Modified

Published: 2024-01-25T20:15:39.063

Modified: 2026-02-27T17:16:21.270

Link: CVE-2023-52356

Redhat

Severity : Moderate

Publid Date: 2023-11-03T00:00:00Z

Links: CVE-2023-52356 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2023-52356", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "state": "PUBLISHED", "assignerShortName": "redhat", "dateReserved": "2024-01-24T14:08:49.010Z", "datePublished": "2024-01-25T20:03:40.971Z", "dateUpdated": "2026-02-27T17:05:04.387Z"}, "containers": {"cna": {"title": "Libtiff: segment fault in libtiff in tiffreadrgbatileext() leading to denial of service", "metrics": [{"other": {"content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}, "type": "Red Hat severity rating"}}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS"}], "descriptions": [{"lang": "en", "value": "A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service."}], "affected": [{"versions": [{"status": "affected", "version": "0", "lessThan": "4.6.0", "versionType": "semver"}], "packageName": "libtiff", "collectionURL": "https://gitlab.com/libtiff/libtiff", "defaultStatus": "unaffected"}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "libtiff", "defaultStatus": "affected", "versions": [{"version": "0:4.0.9-32.el8_10", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:enterprise_linux:8::appstream", "cpe:/a:redhat:enterprise_linux:8::crb"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "libtiff", "defaultStatus": "affected", "versions": [{"version": "0:4.4.0-15.el9", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/a:redhat:enterprise_linux:9::crb"]}, {"vendor": "Red Hat", "product": "Red Hat AI Inference Server 3.2", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "rhaiis/vllm-cuda-rhel9", "defaultStatus": "affected", "versions": [{"version": "sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:ai_inference_server:3.2::el9"]}, {"vendor": "Red Hat", "product": "Red Hat AI Inference Server 3.2", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "rhaiis/vllm-rocm-rhel9", "defaultStatus": "affected", "versions": [{"version": "sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:ai_inference_server:3.2::el9"]}, {"vendor": "Red Hat", "product": "Red Hat AI Inference Server 3.2", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "rhaiis/model-opt-cuda-rhel9", "defaultStatus": "affected", "versions": [{"version": "sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:ai_inference_server:3.2::el9"]}, {"vendor": "Red Hat", "product": "Red Hat AI Inference Server 3.2", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "rhaiis/vllm-cuda-rhel9", "defaultStatus": "affected", "versions": [{"version": "sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:ai_inference_server:3.2::el9"]}, {"vendor": "Red Hat", "product": "Red Hat AI Inference Server 3.2", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "rhaiis/vllm-rocm-rhel9", "defaultStatus": "affected", "versions": [{"version": "sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:ai_inference_server:3.2::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Discovery 2", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "discovery/discovery-ui-rhel9", "defaultStatus": "affected", "versions": [{"version": "sha256:310df392f638ef6eca1a26db024ae2cb617db5932f886d2acddc92fb7289e740", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:discovery:2::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 10", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "libtiff", "defaultStatus": "affected", "cpes": ["cpe:/o:redhat:enterprise_linux:10"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 6", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "libtiff", "defaultStatus": "unknown", "cpes": ["cpe:/o:redhat:enterprise_linux:6"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "compat-libtiff3", "defaultStatus": "unknown", "cpes": ["cpe:/o:redhat:enterprise_linux:7"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "libtiff", "defaultStatus": "unknown", "cpes": ["cpe:/o:redhat:enterprise_linux:7"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "compat-libtiff3", "defaultStatus": "affected", "cpes": ["cpe:/o:redhat:enterprise_linux:8"]}], "references": [{"url": "https://access.redhat.com/errata/RHSA-2024:5079", "name": "RHSA-2024:5079", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:20801", "name": "RHSA-2025:20801", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:21994", "name": "RHSA-2025:21994", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:23078", "name": "RHSA-2025:23078", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:23079", "name": "RHSA-2025:23079", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:23080", "name": "RHSA-2025:23080", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:3461", "name": "RHSA-2026:3461", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:3462", "name": "RHSA-2026:3462", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/security/cve/CVE-2023-52356", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251344", "name": "RHBZ#2251344", "tags": ["issue-tracking", "x_refsource_REDHAT"]}, {"url": "https://gitlab.com/libtiff/libtiff/-/issues/622"}, {"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/546"}], "datePublic": "2023-11-03T00:00:00.000Z", "problemTypes": [{"descriptions": [{"cweId": "CWE-122", "description": "Heap-based Buffer Overflow", "lang": "en", "type": "CWE"}]}], "x_redhatCweChain": "CWE-122: Heap-based Buffer Overflow", "timeline": [{"lang": "en", "time": "2023-11-24T00:00:00.000Z", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2023-11-03T00:00:00.000Z", "value": "Made public."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2026-02-27T17:05:04.387Z"}, "x_generator": {"engine": "cvelib 1.8.0"}}, "adp": [{"title": "CVE Program Container", "references": [{"url": "https://access.redhat.com/security/cve/CVE-2023-52356", "tags": ["vdb-entry", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251344", "name": "RHBZ#2251344", "tags": ["issue-tracking", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://gitlab.com/libtiff/libtiff/-/issues/622", "tags": ["x_transferred"]}, {"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/546", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00011.html", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/kb/HT214119", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/kb/HT214123", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/kb/HT214122", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/kb/HT214117", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/kb/HT214118", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/kb/HT214116", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/kb/HT214120", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/kb/HT214124", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2024/Jul/16", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2024/Jul/23", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2024/Jul/21", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2024/Jul/20", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2024/Jul/17", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2024/Jul/22", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2024/Jul/18", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2024/Jul/19", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00019.html"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T20:36:13.850Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52356", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-01-28T01:27:48.546657Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-17T21:19:29.445Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://access.redhat.com/security/cve/CVE-2023-52356", "tags": ["vdb-entry", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251344", "name": "RHBZ#2251344", "tags": ["issue-tracking", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://gitlab.com/libtiff/libtiff/-/issues/622", "tags": ["x_transferred"]}, {"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/546", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00011.html", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/kb/HT214119", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/kb/HT214123", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/kb/HT214122", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/kb/HT214117", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/kb/HT214118", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/kb/HT214116", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/kb/HT214120", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/kb/HT214124", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2024/Jul/16", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2024/Jul/23", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2024/Jul/21", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2024/Jul/20", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2024/Jul/17", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2024/Jul/22", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2024/Jul/18", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2024/Jul/19", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00019.html"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T20:36:13.850Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52356", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-01-28T01:27:48.546657Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-17T21:18:47.496Z"}}], "cna": {"title": "Libtiff: segment fault in libtiff in tiffreadrgbatileext() leading to denial of service", "metrics": [{"other": {"type": "Red Hat severity rating", "content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"versions": [{"status": "affected", "version": "0", "lessThan": "4.6.0", "versionType": "semver"}], "packageName": "libtiff", "collectionURL": "https://gitlab.com/libtiff/libtiff", "defaultStatus": "unaffected"}, {"cpes": ["cpe:/a:redhat:enterprise_linux:8::appstream", "cpe:/a:redhat:enterprise_linux:8::crb"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "versions": [{"status": "unaffected", "version": "0:4.0.9-32.el8_10", "lessThan": "*", "versionType": "rpm"}], "packageName": "libtiff", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/a:redhat:enterprise_linux:9::crb"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "versions": [{"status": "unaffected", "version": "0:4.4.0-15.el9", "lessThan": "*", "versionType": "rpm"}], "packageName": "libtiff", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:ai_inference_server:3.2::el9"], "vendor": "Red Hat", "product": "Red Hat AI Inference Server 3.2", "versions": [{"status": "unaffected", "version": "sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhaiis/vllm-cuda-rhel9", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:ai_inference_server:3.2::el9"], "vendor": "Red Hat", "product": "Red Hat AI Inference Server 3.2", "versions": [{"status": "unaffected", "version": "sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhaiis/vllm-rocm-rhel9", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:ai_inference_server:3.2::el9"], "vendor": "Red Hat", "product": "Red Hat AI Inference Server 3.2", "versions": [{"status": "unaffected", "version": "sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhaiis/model-opt-cuda-rhel9", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:ai_inference_server:3.2::el9"], "vendor": "Red Hat", "product": "Red Hat AI Inference Server 3.2", "versions": [{"status": "unaffected", "version": "sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhaiis/vllm-cuda-rhel9", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:ai_inference_server:3.2::el9"], "vendor": "Red Hat", "product": "Red Hat AI Inference Server 3.2", "versions": [{"status": "unaffected", "version": "sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhaiis/vllm-rocm-rhel9", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:discovery:2::el9"], "vendor": "Red Hat", "product": "Red Hat Discovery 2", "versions": [{"status": "unaffected", "version": "sha256:310df392f638ef6eca1a26db024ae2cb617db5932f886d2acddc92fb7289e740", "lessThan": "*", "versionType": "rpm"}], "packageName": "discovery/discovery-ui-rhel9", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:10"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 10", "packageName": "libtiff", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:6"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 6", "packageName": "libtiff", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unknown"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:7"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7", "packageName": "compat-libtiff3", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unknown"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:7"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7", "packageName": "libtiff", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unknown"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:8"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "packageName": "compat-libtiff3", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}], "timeline": [{"lang": "en", "time": "2023-11-24T00:00:00.000Z", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2023-11-03T00:00:00.000Z", "value": "Made public."}], "datePublic": "2023-11-03T00:00:00.000Z", "references": [{"url": "https://access.redhat.com/errata/RHSA-2024:5079", "name": "RHSA-2024:5079", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:20801", "name": "RHSA-2025:20801", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:21994", "name": "RHSA-2025:21994", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:23078", "name": "RHSA-2025:23078", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:23079", "name": "RHSA-2025:23079", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:23080", "name": "RHSA-2025:23080", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:3461", "name": "RHSA-2026:3461", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:3462", "name": "RHSA-2026:3462", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/security/cve/CVE-2023-52356", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251344", "name": "RHBZ#2251344", "tags": ["issue-tracking", "x_refsource_REDHAT"]}, {"url": "https://gitlab.com/libtiff/libtiff/-/issues/622"}, {"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/546"}], "x_generator": {"engine": "cvelib 1.8.0"}, "descriptions": [{"lang": "en", "value": "A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-122", "description": "Heap-based Buffer Overflow"}]}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2026-02-27T17:05:04.387Z"}, "x_redhatCweChain": "CWE-122: Heap-based Buffer Overflow"}}, "cveMetadata": {"cveId": "CVE-2023-52356", "state": "PUBLISHED", "dateUpdated": "2026-02-27T17:05:04.387Z", "dateReserved": "2024-01-24T14:08:49.010Z", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "datePublished": "2024-01-25T20:03:40.971Z", "assignerShortName": "redhat"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:libtiff:libtiff:-:*:*:*:*:*:*:*", "matchCriteriaId": "2FFD25C1-A304-486F-A36B-7167EEF33388", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service."}, {"lang": "es", "value": "Se encontr\u00f3 un fallo de falla de segmento (SEGV) en libtiff que podr\u00eda activarse al pasar un archivo tiff dise\u00f1ado a la API TIFFReadRGBATileExt(). Este fallo permite que un atacante remoto provoque un desbordamiento de b\u00fafer en la regi\u00f3n Heap de la memoria, lo que lleva a una denegaci\u00f3n de servicio."}], "id": "CVE-2023-52356", "lastModified": "2026-02-27T17:16:21.270", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "secalert@redhat.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-01-25T20:15:39.063", "references": [{"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2024:5079"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:20801"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:21994"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:23078"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:23079"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:23080"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2026:3461"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2026:3462"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/security/cve/CVE-2023-52356"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251344"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Patch"], "url": "https://gitlab.com/libtiff/libtiff/-/issues/622"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Patch"], "url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/546"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2024/Jul/16"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2024/Jul/17"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2024/Jul/18"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2024/Jul/19"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2024/Jul/20"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2024/Jul/21"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2024/Jul/22"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2024/Jul/23"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/security/cve/CVE-2023-52356"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251344"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch"], "url": "https://gitlab.com/libtiff/libtiff/-/issues/622"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch"], "url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/546"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00011.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00019.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://support.apple.com/kb/HT214116"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://support.apple.com/kb/HT214117"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://support.apple.com/kb/HT214118"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://support.apple.com/kb/HT214119"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://support.apple.com/kb/HT214120"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://support.apple.com/kb/HT214122"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://support.apple.com/kb/HT214123"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://support.apple.com/kb/HT214124"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-122"}], "source": "secalert@redhat.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2024:5079", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "libtiff-0:4.0.9-32.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-08-07T00:00:00Z"}], "bugzilla": {"description": "libtiff: Segment fault in libtiff in TIFFReadRGBATileExt() leading to denial of service", "id": "2251344", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251344"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-122", "details": ["A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service.", "A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service."], "name": "CVE-2023-52356", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "libtiff", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "compat-libtiff3", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "libtiff", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "compat-libtiff3", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "libtiff", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2023-11-03T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-52356\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-52356\nhttps://gitlab.com/libtiff/libtiff/-/issues/622\nhttps://gitlab.com/libtiff/libtiff/-/merge_requests/546"], "statement": "The flaw allows an attacker to potentially cause a denial of service attack by crashing a program, but the impact is minimal.", "threat_severity": "Moderate"}