CVE-2023-30775 - Vulnerability Details - OpenCVE

A vulnerability was found in the libtiff library. This security flaw causes a heap buffer overflow in extractContigSamples32bits, tiffcrop.c.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Libtiff	Libtiff
Redhat	Enterprise Linux

Configuration 1 [-]

cpe:2.3:a:libtiff:libtiff:4.4.0:*:*:*:*:*:*:*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 9
libtiff-0:4.4.0-7.el9	cpe:/a:redhat:enterprise_linux:9	RHSA-2023:2340	2023-05-09T00:00:00Z

References

Link	Providers
https://access.redhat.com/security/cve/CVE-2023-30775
https://bugzilla.redhat.com/show_bug.cgi?id=2187141
https://gitlab.com/libtiff/libtiff/-/issues/464
https://nvd.nist.gov/vuln/detail/CVE-2023-30775
https://security.netapp.com/advisory/ntap-20230703-0002/
https://www.cve.org/CVERecord?id=CVE-2023-30775

History

Tue, 21 Jan 2025 18:15:00 +0000

Type	Values Removed	Values Added
Metrics	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H'}`	ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}` cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}`

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2023-05-19T00:00:00

Updated: 2025-01-21T17:30:59.637Z

Reserved: 2023-04-17T00:00:00

Link: CVE-2023-30775

Vulnrichment

Updated: 2024-08-02T14:37:15.317Z

NVD

Status : Modified

Published: 2023-05-19T15:15:08.980

Modified: 2025-01-21T18:15:13.483

Link: CVE-2023-30775

Redhat

Severity : Moderate

Publid Date: 2023-04-17T00:00:00Z

Links: CVE-2023-30775 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-30775", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "dateUpdated": "2025-01-21T17:30:59.637Z", "dateReserved": "2023-04-17T00:00:00", "datePublished": "2023-05-19T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2023-07-03T00:00:00"}, "descriptions": [{"lang": "en", "value": "A vulnerability was found in the libtiff library. This security flaw causes a heap buffer overflow in extractContigSamples32bits, tiffcrop.c."}], "affected": [{"vendor": "n/a", "product": "libtiff", "versions": [{"version": "4.0", "status": "affected"}]}], "references": [{"url": "https://gitlab.com/libtiff/libtiff/-/issues/464"}, {"url": "https://access.redhat.com/security/cve/CVE-2023-30775"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187141"}, {"url": "https://security.netapp.com/advisory/ntap-20230703-0002/"}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-119", "cweId": "CWE-119"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T14:37:15.317Z"}, "title": "CVE Program Container", "references": [{"url": "https://gitlab.com/libtiff/libtiff/-/issues/464", "tags": ["x_transferred"]}, {"url": "https://access.redhat.com/security/cve/CVE-2023-30775", "tags": ["x_transferred"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187141", "tags": ["x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20230703-0002/", "tags": ["x_transferred"]}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-787", "lang": "en", "description": "CWE-787 Out-of-bounds Write"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-01-21T17:29:52.315626Z", "id": "CVE-2023-30775", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-21T17:30:59.637Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://gitlab.com/libtiff/libtiff/-/issues/464", "tags": ["x_transferred"]}, {"url": "https://access.redhat.com/security/cve/CVE-2023-30775", "tags": ["x_transferred"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187141", "tags": ["x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20230703-0002/", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T14:37:15.317Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2023-30775", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-01-21T17:29:52.315626Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-21T17:30:33.463Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "libtiff", "versions": [{"status": "affected", "version": "4.0"}]}], "references": [{"url": "https://gitlab.com/libtiff/libtiff/-/issues/464"}, {"url": "https://access.redhat.com/security/cve/CVE-2023-30775"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187141"}, {"url": "https://security.netapp.com/advisory/ntap-20230703-0002/"}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in the libtiff library. This security flaw causes a heap buffer overflow in extractContigSamples32bits, tiffcrop.c."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-119", "description": "CWE-119"}]}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2023-07-03T00:00:00"}}}, "cveMetadata": {"cveId": "CVE-2023-30775", "state": "PUBLISHED", "dateUpdated": "2025-01-21T17:30:59.637Z", "dateReserved": "2023-04-17T00:00:00", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "datePublished": "2023-05-19T00:00:00", "assignerShortName": "redhat"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:libtiff:libtiff:4.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "D49C1A38-70B8-4172-9FCD-F9E8848565C8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was found in the libtiff library. This security flaw causes a heap buffer overflow in extractContigSamples32bits, tiffcrop.c."}], "id": "CVE-2023-30775", "lastModified": "2025-01-21T18:15:13.483", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2023-05-19T15:15:08.980", "references": [{"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/security/cve/CVE-2023-30775"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187141"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://gitlab.com/libtiff/libtiff/-/issues/464"}, {"source": "secalert@redhat.com", "url": "https://security.netapp.com/advisory/ntap-20230703-0002/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/security/cve/CVE-2023-30775"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187141"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://gitlab.com/libtiff/libtiff/-/issues/464"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.netapp.com/advisory/ntap-20230703-0002/"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "secalert@redhat.com", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-787"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2023:2340", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "libtiff-0:4.4.0-7.el9", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2023-05-09T00:00:00Z"}], "bugzilla": {"description": "libtiff: Heap buffer overflow in extractContigSamples32bits, tiffcrop.c", "id": "2187141", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187141"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.2", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-119->CWE-787", "details": ["A vulnerability was found in the libtiff library. This security flaw causes a heap buffer overflow in extractContigSamples32bits, tiffcrop.c.", "A vulnerability was found in the libtiff library. This security flaw causes a heap buffer overflow in extractContigSamples32bits, tiffcrop.c."], "name": "CVE-2023-30775", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "libtiff", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "compat-libtiff3", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "libtiff", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "compat-libtiff3", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "libtiff", "product_name": "Red Hat Enterprise Linux 8"}], "public_date": "2023-04-17T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-30775\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-30775"], "statement": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer to CWE-787: Out-of-bounds Write vulnerability, and therefore downgrades the severity of this particular CVE from Moderate to Low.\nBoundary protection, access enforcement, and least privilege controls limit access to the platform and memory, ensuring only authorized users and processes can interact with sensitive components. This reduces the risk of attackers exploiting memory vulnerabilities. Configuration management controls like baseline configuration and least functionality can help prevent vulnerability exploitation by enforcing secure system configurations, enabling memory protection, and removing unnecessary services, ports, or functions that could be exploited. Memory protection controls mitigate the risk of potential memory corruption by enforcing runtime protections. Finally, process isolation and encryption of data at rest reduce the potential impacts in the case of successful exploitation by isolating compromised processes and ensuring sensitive data remains secure even in the event of memory corruption.", "threat_severity": "Moderate"}