CVE-2023-41175

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Oct 5, 2023

Updated: Apr 30, 2024

CWE ID 680

CWE ID 190

Summary

CVE-2023-41175 is a newly discovered vulnerability affecting the libtiff library. The issue stems from multiple integer overflows in the raw2tiff.c file. These overflows can be exploited by remote attackers, leading to a denial-of-service condition or potentially executing arbitrary code. The vulnerability is triggered by a specially crafted TIFF image that causes a heap-based buffer overflow.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

LibTIFF
Red Hat Enterprise Linux

Affected Vendors

Red Hat
Libtiff

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sdALwv
https://www.cve.org/CVERecord?id=CVE-2023-41175
https://nvd.nist.gov/vuln/detail/CVE-2023-41175

Back to Vulnerability Database