Wind River Support Network

HomeDefectsLIN7-7056

Fixed

LIN7-7056 : Security Advisory - libtiff - CVE-2016-9534

Created: Nov 24, 2016 Updated: Sep 8, 2018

Resolved Date: Dec 8, 2016

Found In Version: 7.0.0.21

Fix Version: 7.0.0.22

Severity: Standard

Applicable for: Wind River Linux 7

Component/s: Userspace

Description

tif_write.c in libtiff 4.0.6 has an issue in the error code path of TIFFFlushData1() that didn't reset the tif_rawcc and tif_rawcp members. Reported as MSVR 35095, aka TIFFFlushData1 heap-buffer-overflow.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9534

Other Downloads

Wind River Linux 7.0.0.22
Wind River Linux 7.0.0.23
Wind River Linux 7.0.0.24
Wind River Linux 7.0.0.25
Wind River Linux 7.0.0.26
Wind River Linux 7.0.0.27
Wind River Linux 7.0.0.28
Wind River Linux 7.0.0.29
Wind River Linux 7.0.0.30
Wind River Linux 7.0.0.31

CVEs

CVE-2016-9534