CVE-2023-52356

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jan 25, 2024
Updated: Aug 7, 2024
CWE ID 122
CWE ID 787

Summary

CVE-2023-52356 is a segment fault vulnerability affecting libtiff. An attacker can exploit this flaw by supplying a specially crafted TIFF file to the TIFFReadRGBATileExt() API. The resulting heap-buffer overflow can lead to a denial of service. This issue poses a significant risk for systems that use libtiff and handle TIFF files, as it enables remote attackers to cause crashes and potentially disrupt services.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Red Hat Enterprise Linux

Affected Vendors

  • Red Hat