ID CVE-2019-6128
Summary The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb.
References
Vulnerable Configurations
  • LibTIFF 4.0.10
    cpe:2.3:a:libtiff:libtiff:4.0.10
  • Canonical Ubuntu Linux 12.04 ESM (Extended Security Maintenance)
    cpe:2.3:o:canonical:ubuntu_linux:12.04:-:-:-:esm
  • Canonical Ubuntu Linux 14.04 LTS (Long-Term Support)
    cpe:2.3:o:canonical:ubuntu_linux:14.04:-:-:-:lts
  • Canonical Ubuntu Linux 16.04 LTS (Long-Term Support)
    cpe:2.3:o:canonical:ubuntu_linux:16.04:-:-:-:lts
  • Canonical Ubuntu Linux 18.04 LTS Edition
    cpe:2.3:o:canonical:ubuntu_linux:18.04:-:-:-:lts
  • Canonical Ubuntu Linux 18.10
    cpe:2.3:o:canonical:ubuntu_linux:18.10
  • openSUSE Leap 15.0
    cpe:2.3:o:opensuse:leap:15.0
CVSS
Base: 6.8
Impact:
Exploitability:
CWE CWE-399
CAPEC
nessus via4
NASL family Fedora Local Security Checks
NASL id FEDORA_2019-D7B5E168D1.NASL
description Fix for **CVE-2019-6128** Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen 2019-02-21
modified 2019-02-11
plugin id 122080
published 2019-02-11
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=122080
title Fedora 29 : libtiff (2019-d7b5e168d1)
refmap via4
confirm https://gitlab.com/libtiff/libtiff/commit/0c74a9f49b8d7a36b17b54a7428b3526d20f88a8
misc http://bugzilla.maptools.org/show_bug.cgi?id=2836
suse openSUSE-SU-2019:1161
ubuntu
  • USN-3906-1
  • USN-3906-2
Last major update 11-01-2019 - 00:29
Published 11-01-2019 - 00:29
Last modified 22-04-2019 - 11:40
Back to Top