CVE-2023-3316: A NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existent path or a path that requires permissions like...

5.9 CVSS

Description

A NULL pointer dereference in TIFFClose() is triggered when the output file cannot be opened (a non-existent path, or a path the process lacks permission to write, such as /dev/null) while zones are specified: the NULL handle returned by the failed open is passed to TIFFClose() without being checked. The result is a crash of the affected tool (denial of service) on attacker-chosen paths; no memory corruption beyond the NULL read is described.
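
The following regression probe is an added example, not code from this page, from libtiff or from the JFrog write-up. It assumes the affected utility is libtiff's tiffcrop and that its -Z option is what "specifying zones" refers to; the page names neither. It constructs a minimal valid TIFF as input (sample data, not a file from the issue), runs tiffcrop with a zone selection and an output path whose directory does not exist, and classifies how the process ended: a SIGSEGV is the NULL dereference in TIFFClose(), while a patched build should exit with a non-zero status and an error message. If tiffcrop is not installed the probe reports "skipped" rather than failing.

```python
import os
import shutil
import signal
import struct
import subprocess
import tempfile


def build_minimal_tiff(width=4, height=4):
    """Return a tiny little-endian, uncompressed, 8-bit grayscale TIFF.

    Constructed here so the probe runs offline; it is sample input, not a
    file from the libtiff issue.
    """
    data_len = width * height
    # (tag, type, count, value); type 3 = SHORT, 4 = LONG
    entries = [
        (256, 3, 1, width),     # ImageWidth
        (257, 3, 1, height),    # ImageLength
        (258, 3, 1, 8),         # BitsPerSample
        (259, 3, 1, 1),         # Compression: none
        (262, 3, 1, 1),         # PhotometricInterpretation: BlackIsZero
        (273, 4, 1, 0),         # StripOffsets, patched once the IFD size is known
        (277, 3, 1, 1),         # SamplesPerPixel
        (278, 3, 1, height),    # RowsPerStrip: a single strip
        (279, 4, 1, data_len),  # StripByteCounts
    ]
    ifd_offset = 8
    data_offset = ifd_offset + 2 + 12 * len(entries) + 4
    entries[5] = (273, 4, 1, data_offset)

    out = bytearray(b"II" + struct.pack("<HI", 42, ifd_offset))
    out += struct.pack("<H", len(entries))
    for tag, typ, count, value in entries:
        if typ == 3:
            # SHORT values are left-justified in the 4-byte value field
            out += struct.pack("<HHIHH", tag, typ, count, value, 0)
        else:
            out += struct.pack("<HHII", tag, typ, count, value)
    out += struct.pack("<I", 0)  # no further IFD
    out += bytes(i % 256 for i in range(data_len))
    return bytes(out)


def read_tiff_tags(data):
    """Parse the first IFD of a little-endian TIFF into {tag: value}.

    Only single-value SHORT and LONG entries are handled, which is all
    build_minimal_tiff() emits; used to sanity-check the generated input.
    """
    if data[:4] != b"II*\x00":
        raise ValueError("not a little-endian TIFF")
    (ifd_offset,) = struct.unpack_from("<I", data, 4)
    (count,) = struct.unpack_from("<H", data, ifd_offset)
    tags = {}
    for i in range(count):
        pos = ifd_offset + 2 + 12 * i
        tag, typ, n = struct.unpack_from("<HHI", data, pos)
        if n != 1 or typ not in (3, 4):
            raise ValueError("unsupported entry for tag %d" % tag)
        fmt = "<H" if typ == 3 else "<I"
        (tags[tag],) = struct.unpack_from(fmt, data, pos + 8)
    return tags


def classify_exit(returncode):
    """Map a subprocess return code to a verdict.

    On POSIX, subprocess reports death by signal as a negative code; SIGSEGV
    is what the NULL dereference in TIFFClose() produces.
    """
    if returncode == -signal.SIGSEGV:
        return "crash"
    if returncode < 0:
        return "signal"
    return "clean-exit"


def probe_tiffcrop(tiffcrop="tiffcrop", timeout=30):
    """Run tiffcrop with a zone selection and an output path that cannot be
    opened, and report how the process ended.

    Assumes the affected tool is tiffcrop and that -Z selects zones; the
    advisory text names neither. Returns 'skipped' if tiffcrop is absent.
    """
    if shutil.which(tiffcrop) is None:
        return "skipped"
    with tempfile.TemporaryDirectory() as tmp:
        src = os.path.join(tmp, "in.tif")
        with open(src, "wb") as f:
            f.write(build_minimal_tiff())
        # The parent directory does not exist, so opening the output for
        # writing fails: the condition the advisory describes.
        dst = os.path.join(tmp, "no-such-dir", "out.tif")
        proc = subprocess.run(
            [tiffcrop, "-Z", "1:2", src, dst],
            stdout=subprocess.DEVNULL,
            stderr=subprocess.DEVNULL,
            timeout=timeout,
        )
        return classify_exit(proc.returncode)


if __name__ == "__main__":
    print("tiffcrop:", probe_tiffcrop())
```

Run it against the installed tiffcrop to confirm a fix has landed: "crash" means the binary still dereferences the NULL handle, "clean-exit" means the failed open was handled. The unwritable-directory path is used rather than /dev/null because whether /dev/null can be opened for writing depends on the account running the test.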

Classification

CVE ID: CVE-2023-3316

CVSS Base Severity: MEDIUM

CVSS Base Score: 5.9

Affected Products

Vendor: libtiff

Product: libtiff

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.16% (estimated probability of exploitation in the wild within the next 30 days)

EPSS Percentile: 52.83% (share of all scored CVEs with an EPSS score less than or equal to this one)

EPSS Date: 2025-02-03 (date on which this score was calculated)

References

https://research.jfrog.com/vulnerabilities/libtiff-nullderef-dos-xray-522144/
https://gitlab.com/libtiff/libtiff/-/issues/515
https://gitlab.com/libtiff/libtiff/-/merge_requests/468
https://lists.debian.org/debian-lts-announce/2023/07/msg00034.html

Timeline