CVE-2023-0799

MEDIUM

Libtiff < 4.4.0 - Use After Free

Title source: rule

Description

LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3701, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.

References (7)

Core 7

Core References

VDB Entry

https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0799.json

View Writeup ZIP pw:eip

Patch

https://gitlab.com/libtiff/libtiff/-/commit/afaabc3e50d4e5d80a94143f7e3c997e7e410f68

View Patch ZIP pw:eip

Exploit, Issue Tracking, Patch, Vendor Advisory

https://gitlab.com/libtiff/libtiff/-/issues/494

Vendor Advisory

https://security.netapp.com/advisory/ntap-20230316-0003/

Mailing List mailing-list

https://lists.debian.org/debian-lts-announce/2023/02/msg00026.html

Third Party Advisory vendor-advisory

https://www.debian.org/security/2023/dsa-5361

Third Party Advisory vendor-advisory

https://security.gentoo.org/glsa/202305-31

Scores

CVSS v3 6.8

EPSS 0.0001

EPSS Percentile 2.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-416

Status published

Products (1)

libtiff/libtiff < 4.4.0

Published Feb 13, 2023

Tracked Since Feb 18, 2026