Wind River Support Network

HomeDefectsLIN7-7050

Fixed

LIN7-7050 : Security Advisory - libtiff - CVE-2016-9536

Created: Nov 24, 2016 Updated: Sep 8, 2018

Resolved Date: Dec 8, 2016

Found In Version: 7.0.0.21

Fix Version: 7.0.0.22

Severity: Standard

Applicable for: Wind River Linux 7

Component/s: Userspace

Description

tools/tiff2pdf.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in heap allocated buffers in t2p_process_jpeg_strip(). Reported as MSVR 35098, aka t2p_process_jpeg_strip heap-buffer-overflow.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9536

Other Downloads

Wind River Linux 7.0.0.22
Wind River Linux 7.0.0.23
Wind River Linux 7.0.0.24
Wind River Linux 7.0.0.25
Wind River Linux 7.0.0.26
Wind River Linux 7.0.0.27
Wind River Linux 7.0.0.28
Wind River Linux 7.0.0.29
Wind River Linux 7.0.0.30
Wind River Linux 7.0.0.31

CVEs

CVE-2016-9536