CVE-2022-1622

Description

LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa.

Risk Information

Base Score

5.5

MODERATE

Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

EPSS Score

Exploitation Probability

0.104

Associated Vulnerability

Vulnerability	OS Platform
Multiple vulnerabilities are fixed in Mac OS - Ventura (Software Update) - AutoReboot (13.7.6)	Mac
Multiple vulnerabilities are fixed in Mac OS - Ventura (Software Update) - AutoReboot (13.7.5)	Mac
Multiple vulnerabilities are fixed in Mac OS - Ventura (Software Update) - AutoReboot (13.7.3)	Mac
Multiple vulnerabilities are fixed in Mac OS - Ventura (Software Update) - AutoReboot (13.7.2)	Mac
Multiple vulnerabilities are fixed in Mac OS - Ventura 13.7.1 (Software Update) - AutoReboot	Mac
Multiple vulnerabilities are fixed in Mac OS - Ventura 13.7 (Software Update) - AutoReboot	Mac
Multiple vulnerabilities are fixed in Mac OS - Ventura (Software Update) - AutoReboot (13.7.4)	Mac
Multiple vulnerabilities are fixed in Mac OS - Ventura 13.7.7 (Software Update) (Auto Reboot)(Deployment-Only)	Mac
Multiple vulnerabilities are fixed in Mac OS - Ventura 13.7.8 (Software Update) (Auto Reboot) (CVE-2025-43300)	Mac
Multiple vulnerabilities are fixed in Mac OS - Ventura 13.6.8 (Software Update) - AutoReboot (CVE-2024-27877)	Mac
Multiple vulnerabilities are fixed in Mac OS - Ventura 13.6.7 (Software Update) - AutoReboot (CVE-2024-27789 , CVE-2023-42861 , CVE-2024-23296)	Mac
Multiple vulnerabilities are fixed in Mac OS - Ventura 13.6.5 (Software Update) - AutoReboot	Mac
Multiple vulnerabilities are fixed in Mac OS - Ventura 13.6.4 (Software Update) - AutoReboot (CVE-2024-23222)	Mac
Multiple vulnerabilities are fixed in Mac OS - Ventura 13.6.3 (Software Update) - AutoReboot	Mac
Multiple vulnerabilities are fixed in Mac OS - Ventura 13.6.1 (Software Update) - AutoReboot	Mac
Multiple vulnerabilities are fixed in Mac OS - Ventura 13.6 (Software Update) - AutoReboot (CVE-2023-41992,CVE-2023-41991)	Mac
Multiple vulnerabilities are fixed in Mac OS - Ventura 13.6.2 (Software Update) - AutoReboot	Mac
Multiple vulnerabilities are fixed in Mac OS - Ventura 13.6.6 (Software Update) - AutoReboot (CVE-2024-1580)	Mac
Multiple vulnerabilities are fixed in Mac OS - Ventura 13.6.9 (Software Update) - AutoReboot	Mac
Multiple vulnerabilities are fixed in Mac OS - Ventura 13.5 (Software Update) - AutoReboot	Mac
Multiple vulnerabilities are fixed in Mac OS - Ventura 13.5.1 (Software Update) - AutoReboot	Mac
Multiple vulnerabilities are fixed in Mac OS - Ventura 13.5.2 (Software Update) - AutoReboot (CVE-2023-41064)	Mac
Multiple vulnerabilities are fixed in Mac OS - Ventura 13.4 (Software Update) - AutoReboot(CVE-2023-32409,CVE-2023-28204,CVE-2023-32373)	Mac
Multiple vulnerabilities are fixed in Mac OS - Ventura 13.4.1 (Software Update) - AutoReboot(CVE-2023-32434,CVE-2023-32439)	Mac
Multiple vulnerabilities are fixed in Mac OS - Ventura 13.3 (Software Update) - AutoReboot	Mac
Multiple vulnerabilities are fixed in Mac OS - Ventura 13.3.1 (Software Update) - AutoReboot (CVE-2023-28206,CVE-2023-28205)	Mac
Multiple vulnerabilities are fixed in Mac OS - Ventura 13.2 (Software Update) - AutoReboot	Mac
Multiple vulnerabilities are fixed in Mac OS - Ventura 13.2.1 (Software Update) - AutoReboot	Mac
Multiple vulnerabilities are fixed in Mac OS - Ventura 13.1 (Software Update) - AutoReboot	Mac
Multiple vulnerabilities are fixed in Mac OS - Ventura 13 - AutoReboot	Mac
Multiple vulnerabilities are fixed in Mac OS - Ventura 13.0.1 (Software Update) - AutoReboot	Mac
Multiple vulnerabilities are fixed in Mac OS - Monterey 12.6.8 (Software Update) - AutoReboot	Mac
Multiple vulnerabilities are fixed in Mac OS - Monterey 12.6.6 (Software Update) - AutoReboot(CVE-2023-32409,CVE-2023-28204,CVE-2023-32373)	Mac
Multiple vulnerabilities are fixed in Mac OS - Monterey 12.6.4 (Software Update) - AutoReboot	Mac
Multiple vulnerabilities are fixed in Mac OS - Monterey 12.6.3 (Software Update) - AutoReboot	Mac
Multiple vulnerabilities are fixed in Mac OS - Monterey 12.6.2 (Software Update) - AutoReboot	Mac
Multiple vulnerabilities are fixed in Mac OS - Monterey 12.6.1 (Software Update) - AutoReboot	Mac
Multiple vulnerabilities are fixed in Mac OS - Monterey 12.6 (Software Update) - AutoReboot	Mac
Multiple vulnerabilities are fixed in Mac OS - Monterey 12.6.5 (Software Update) - AutoReboot (CVE-2023-28206)	Mac
Multiple vulnerabilities are fixed in Mac OS - Monterey 12.6.7 (Software Update) - AutoReboot(CVE-2023-32434)	Mac
Multiple vulnerabilities are fixed in Mac OS - Monterey 12.6.9 (Software Update) - (AutoReboot)(CVE-2023-41064)	Mac
Multiple vulnerabilities are fixed in MacOS Big Sur 11.7.9 - Software Update (Force Reboot)	Mac
Multiple vulnerabilities are fixed in MacOS Big Sur 11.7.7 - Software Update (Force Reboot)(CVE-2023-32409,CVE-2023-28204,CVE-2023-32373)	Mac
Multiple vulnerabilities are fixed in MacOS Big Sur 11.7.5 - Software Update (Force Reboot)	Mac
Multiple vulnerabilities are fixed in MacOS Big Sur 11.7.3 - Software Update (Force Reboot)	Mac
Multiple vulnerabilities are fixed in MacOS Big Sur 11.7.2 - Software Update (Force Reboot)	Mac
Multiple vulnerabilities are fixed in MacOS Big Sur 11.7.1 - Software Update	Mac
Multiple vulnerabilities are fixed in MacOS Big Sur 11.7.10 - Software Update (Force Reboot)(CVE-2023-41064)	Mac
Multiple vulnerabilities are fixed in MacOS Big Sur 11.7 - Software Update	Mac
Multiple vulnerabilities are fixed in MacOS Big Sur 11.7.4 - Software Update (Force Reboot)	Mac
Multiple vulnerabilities are fixed in MacOS Big Sur 11.7.6 - Software Update (Force Reboot)(CVE-2023-28206)	Mac
Multiple vulnerabilities are fixed in MacOS Big Sur 11.7.8 - Software Update (Force Reboot)(CVE-2023-32434)	Mac
SUSE-SU-2023:4736-1(SUSE Linux Enterprise Server 12 SP5 ) libtiff5-4.0.9-44.74.1.x86_64.rpm	Linux
SUSE-SU-2023:4736-1(SUSE Linux Enterprise Server 12 SP5 ) libtiff5-32bit-4.0.9-44.74.1.x86_64.rpm	Linux
SUSE-SU-2023:4736-1(SUSE Linux Enterprise Server 12 SP5 ) libtiff5-debuginfo-4.0.9-44.74.1.x86_64.rpm	Linux
SUSE-SU-2023:4736-1(SUSE Linux Enterprise Server 12 SP5 ) libtiff5-debuginfo-32bit-4.0.9-44.74.1.x86_64.rpm	Linux
SUSE-SU-2023:4736-1(SUSE Linux Enterprise Server 12 SP5 ) tiff-4.0.9-44.74.1.x86_64.rpm	Linux
SUSE-SU-2023:4736-1(SUSE Linux Enterprise Server 12 SP5 ) tiff-debuginfo-4.0.9-44.74.1.x86_64.rpm	Linux
SUSE-SU-2023:4736-1(SUSE Linux Enterprise Server 12 SP5 ) tiff-debugsource-4.0.9-44.74.1.x86_64.rpm	Linux
SUSE-SU-2023:4869-1(Basesystem Module 15-SP4) libtiff5-4.0.9-150000.45.35.1.x86_64.rpm	Linux
SUSE-SU-2023:4869-1(Basesystem Module 15-SP5) libtiff5-4.0.9-150000.45.35.1.x86_64_15_SP5.rpm	Linux
SUSE-SU-2023:4869-1(Basesystem Module 15-SP4) libtiff-devel-4.0.9-150000.45.35.1.x86_64.rpm	Linux
SUSE-SU-2023:4869-1(Basesystem Module 15-SP5) libtiff-devel-4.0.9-150000.45.35.1.x86_64_15_SP5.rpm	Linux
SUSE-SU-2023:4869-1(Basesystem Module 15-SP4) libtiff5-32bit-4.0.9-150000.45.35.1.x86_64.rpm	Linux
SUSE-SU-2023:4869-1(Basesystem Module 15-SP5) libtiff5-32bit-4.0.9-150000.45.35.1.x86_64_15_SP5.rpm	Linux
SUSE-SU-2023:4869-1(Basesystem Module 15-SP4) tiff-debuginfo-4.0.9-150000.45.35.1.x86_64.rpm	Linux
SUSE-SU-2023:4869-1(Basesystem Module 15-SP5) tiff-debuginfo-4.0.9-150000.45.35.1.x86_64_15_SP5.rpm	Linux
SUSE-SU-2023:4869-1(Basesystem Module 15-SP4) tiff-debugsource-4.0.9-150000.45.35.1.x86_64.rpm	Linux
SUSE-SU-2023:4869-1(Basesystem Module 15-SP5) tiff-debugsource-4.0.9-150000.45.35.1.x86_64_15_SP5.rpm	Linux
SUSE-SU-2023:4869-1(Basesystem Module 15-SP4) libtiff5-debuginfo-4.0.9-150000.45.35.1.x86_64.rpm	Linux
SUSE-SU-2023:4869-1(Basesystem Module 15-SP5) libtiff5-debuginfo-4.0.9-150000.45.35.1.x86_64_15_SP5.rpm	Linux
SUSE-SU-2023:4869-1(Basesystem Module 15-SP4) libtiff5-32bit-debuginfo-4.0.9-150000.45.35.1.x86_64.rpm	Linux
SUSE-SU-2023:4869-1(Basesystem Module 15-SP5) libtiff5-32bit-debuginfo-4.0.9-150000.45.35.1.x86_64_15_SP5.rpm	Linux

Patch Details

Click to see the patches provided by ManageEngine for this CVE

Patch ID	Patch Description
PATCH-611601	Mac OS - Ventura 13.7.7 (Software Update) (Auto Reboot)(Deployment-Only)
PATCH-611601	Mac OS - Ventura 13.7.7 (Software Update) (Auto Reboot)(Deployment-Only)
PATCH-611601	Mac OS - Ventura 13.7.7 (Software Update) (Auto Reboot)(Deployment-Only)
PATCH-611601	Mac OS - Ventura 13.7.7 (Software Update) (Auto Reboot)(Deployment-Only)
PATCH-611601	Mac OS - Ventura 13.7.7 (Software Update) (Auto Reboot)(Deployment-Only)
PATCH-611601	Mac OS - Ventura 13.7.7 (Software Update) (Auto Reboot)(Deployment-Only)
PATCH-611601	Mac OS - Ventura 13.7.7 (Software Update) (Auto Reboot)(Deployment-Only)
PATCH-611601	Mac OS - Ventura 13.7.7 (Software Update) (Auto Reboot)(Deployment-Only)
PATCH-611833	Mac OS - Ventura 13.7.8 (Software Update) (Auto Reboot) (CVE-2025-43300)
PATCH-611601	Mac OS - Ventura 13.7.7 (Software Update) (Auto Reboot)(Deployment-Only)
PATCH-611601	Mac OS - Ventura 13.7.7 (Software Update) (Auto Reboot)(Deployment-Only)
PATCH-611601	Mac OS - Ventura 13.7.7 (Software Update) (Auto Reboot)(Deployment-Only)
PATCH-611601	Mac OS - Ventura 13.7.7 (Software Update) (Auto Reboot)(Deployment-Only)
PATCH-611601	Mac OS - Ventura 13.7.7 (Software Update) (Auto Reboot)(Deployment-Only)
PATCH-611601	Mac OS - Ventura 13.7.7 (Software Update) (Auto Reboot)(Deployment-Only)
PATCH-611601	Mac OS - Ventura 13.7.7 (Software Update) (Auto Reboot)(Deployment-Only)
PATCH-611601	Mac OS - Ventura 13.7.7 (Software Update) (Auto Reboot)(Deployment-Only)
PATCH-611601	Mac OS - Ventura 13.7.7 (Software Update) (Auto Reboot)(Deployment-Only)
PATCH-611601	Mac OS - Ventura 13.7.7 (Software Update) (Auto Reboot)(Deployment-Only)
PATCH-611601	Mac OS - Ventura 13.7.7 (Software Update) (Auto Reboot)(Deployment-Only)
PATCH-611601	Mac OS - Ventura 13.7.7 (Software Update) (Auto Reboot)(Deployment-Only)
PATCH-611601	Mac OS - Ventura 13.7.7 (Software Update) (Auto Reboot)(Deployment-Only)
PATCH-611601	Mac OS - Ventura 13.7.7 (Software Update) (Auto Reboot)(Deployment-Only)
PATCH-611601	Mac OS - Ventura 13.7.7 (Software Update) (Auto Reboot)(Deployment-Only)
PATCH-611601	Mac OS - Ventura 13.7.7 (Software Update) (Auto Reboot)(Deployment-Only)
PATCH-611601	Mac OS - Ventura 13.7.7 (Software Update) (Auto Reboot)(Deployment-Only)
PATCH-611601	Mac OS - Ventura 13.7.7 (Software Update) (Auto Reboot)(Deployment-Only)
PATCH-611601	Mac OS - Ventura 13.7.7 (Software Update) (Auto Reboot)(Deployment-Only)
PATCH-611601	Mac OS - Ventura 13.7.7 (Software Update) (Auto Reboot)(Deployment-Only)
PATCH-611601	Mac OS - Ventura 13.7.7 (Software Update) (Auto Reboot)(Deployment-Only)
PATCH-608134	Mac OS - Monterey 12.7.6 (Software Update) - AutoReboot (CVE-2024-27877)
PATCH-608134	Mac OS - Monterey 12.7.6 (Software Update) - AutoReboot (CVE-2024-27877)
PATCH-608134	Mac OS - Monterey 12.7.6 (Software Update) - AutoReboot (CVE-2024-27877)
PATCH-608134	Mac OS - Monterey 12.7.6 (Software Update) - AutoReboot (CVE-2024-27877)
PATCH-608134	Mac OS - Monterey 12.7.6 (Software Update) - AutoReboot (CVE-2024-27877)
PATCH-608134	Mac OS - Monterey 12.7.6 (Software Update) - AutoReboot (CVE-2024-27877)
PATCH-608134	Mac OS - Monterey 12.7.6 (Software Update) - AutoReboot (CVE-2024-27877)
PATCH-608134	Mac OS - Monterey 12.7.6 (Software Update) - AutoReboot (CVE-2024-27877)
PATCH-608134	Mac OS - Monterey 12.7.6 (Software Update) - AutoReboot (CVE-2024-27877)
PATCH-608134	Mac OS - Monterey 12.7.6 (Software Update) - AutoReboot (CVE-2024-27877)
PATCH-605753	MacOS Big Sur 11.7.10 - Software Update (Force Reboot)(CVE-2023-41064)
PATCH-605753	MacOS Big Sur 11.7.10 - Software Update (Force Reboot)(CVE-2023-41064)
PATCH-605753	MacOS Big Sur 11.7.10 - Software Update (Force Reboot)(CVE-2023-41064)
PATCH-605753	MacOS Big Sur 11.7.10 - Software Update (Force Reboot)(CVE-2023-41064)
PATCH-605753	MacOS Big Sur 11.7.10 - Software Update (Force Reboot)(CVE-2023-41064)
PATCH-605753	MacOS Big Sur 11.7.10 - Software Update (Force Reboot)(CVE-2023-41064)
PATCH-605753	MacOS Big Sur 11.7.10 - Software Update (Force Reboot)(CVE-2023-41064)
PATCH-605753	MacOS Big Sur 11.7.10 - Software Update (Force Reboot)(CVE-2023-41064)
PATCH-605753	MacOS Big Sur 11.7.10 - Software Update (Force Reboot)(CVE-2023-41064)
PATCH-605753	MacOS Big Sur 11.7.10 - Software Update (Force Reboot)(CVE-2023-41064)
PATCH-605753	MacOS Big Sur 11.7.10 - Software Update (Force Reboot)(CVE-2023-41064)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234