### Key Information

#### Vulnerability Overview

- **Name**: CVE-2015-7313
- **Description**: LibTIFF allows remote attackers to cause a denial of service (memory consumption and crash) via a crafted TIFF file.
- **Source**: CVE (from NVD, CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, etc.)
- **Debian Bugs**: 800124

#### Affected and Fixed Packages

| Source Package | Release | Version | Status |
|----------------|---------|---------|--------|
| tiff (PTS) | bullseye | 4.2.0-1+deb11u5 | fixed |
| | bullseye (security) | 4.2.0-1+deb11u6 | fixed |
| | bookworm | 4.5.0-6+deb12u2 | fixed |
| | bookworm (security) | 4.5.0-6+deb12u1 | fixed |
| | trixie | 4.7.0-3 | fixed |
| | forky, sid | 4.7.0-4 | fixed |

#### Fixed Version Information

| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---------|------|---------|---------------|---------|--------|-------------|
| tiff | source | squeeze | (not affected) | - | - | - |
| tiff | source | wheezy | (not affected) | - | - | - |
| tiff | source | (unstable) | 4.0.7-1 | - | - | 800124 |
| tiff3 | source | wheezy | (not affected) | - | - | - |
| tiff3 | source | (unstable) | (unfixed) | - | - | - |

#### Notes

- [jessie] - tiff (Minor issue)
- [wheezy] - tiff (Can't reproduce)
- [squeeze] - tiff (Can't reproduce the issue, file is rejected with "Integer overflow in TIFFVStripSize" and "cannot handle")
- [wheezy] - tiff3 (Can't reproduce the issue, file is rejected with "Integer overflow in TIFFVStripSize" and "cannot handle")
- Test file: https://marc.info/?l=oss-security&m=144284777006804&q=p6
- Reproduction command: `ltrace -e realloc tiffdither /tmp/oom.tif /dev/null`, ultimately showing "libtiff.so.5->realloc(0, 1636178024)"