tiff: Integer overflow (CVE-2019-14973)
_TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior that is undefined by the applicable C standards. This can, for example, lead to an application crash.
References:
https://gitlab.com/libtiff/libtiff/merge_requests/90 https://nvd.nist.gov/vuln/detail/CVE-2019-14973
Patch:
https://gitlab.com/libtiff/libtiff/commit/1b5e3b6a23827c33acf19ad50ce5ce78f12b3773
Affected branches:
-
master -
3.10-stable -
3.9-stable -
3.8-stable -
3.7-stable