PatchSiren cyber security CVE debrief

CVE-2016-9532 Debian CVE debrief

CVE-2016-9532 is a file-processing flaw in LibTIFF’s tiffcrop utility. A crafted TIFF file can trigger an integer overflow in writeBufferToSeparateStrips, leading to an out-of-bounds read and a denial-of-service condition. The NVD record lists the issue as medium severity and indicates user interaction is required to process the malicious file.

Vendor: Debian
Product: CVE-2016-9532
CVSS: MEDIUM 5.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-02-06
Original CVE updated: 2026-05-13
Advisory published: 2017-02-06
Advisory updated: 2026-05-13

Who should care

Teams that ship, package, or invoke LibTIFF—especially distro maintainers, workstation and server administrators, and any application or pipeline that processes untrusted TIFF images.

Technical summary

The supplied record describes an integer overflow in writeBufferToSeparateStrips in tiffcrop.c affecting LibTIFF versions before 4.0.7. The impact is an out-of-bounds read (CWE-125) that can crash or otherwise deny service when a crafted TIFF is handled. NVD’s CVSS vector (AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) suggests exploitation occurs in a local processing context with user interaction, even though the prose description refers to a remote attacker delivering the file.

Defensive priority

Medium. Patch quickly where LibTIFF is exposed to untrusted image input or embedded in automated processing, because the issue can be triggered by a malicious file and can disrupt service.

Recommended defensive actions

  • Update LibTIFF to 4.0.7 or a vendor package that backports the fix.
  • Inventory systems and applications that use libtiff or tiffcrop, including downstream distro builds.
  • Restrict or sandbox processing of untrusted TIFF files until patched.
  • Prefer trusted input validation and isolate image-conversion jobs from higher-value services.
  • Track vendor advisories and rebuild dependent packages after applying the fix.
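The inventory and update steps above can be turned into a first-pass triage script. The following POSIX shell is an added example written for this debrief, not PatchSiren's code or LibTIFF's. It assumes Debian-style "package version" lines as printed by dpkg-query, assumes that the relevant packages are named libtiff* or tiff* (an assumption, not a fact from the record), and uses 4.0.7, the fixed release named above, as the threshold.

```shell
#!/bin/sh
# Added triage helper (not PatchSiren's code): flag installed Debian packages
# whose upstream LibTIFF version is older than 4.0.7, the release the debrief
# names as fixed. Version-only triage is a first pass: a distro build that
# backports the fix keeps its old upstream version, so anything flagged here
# must be confirmed against the distribution's own advisory or changelog.

# Constructed sample in the shape dpkg-query prints with
#   dpkg-query -W -f='${Package} ${Version}\n'
SAMPLE_PACKAGES='libtiff5 4.0.6-1
libtiff-tools 1:4.0.3-12.3+deb8u2
libtiff5 4.0.7-5
libtiff-dev 4.1.0+git191117-2
libpng16-16 1.6.28-1'

# Reduce a Debian version string to its upstream x.y.z part: drop a leading
# epoch ("1:") and everything from the first character that is not a digit
# or a dot (Debian revision, "+dfsg", "+git..." suffixes).
upstream_version() {
  printf '%s\n' "$1" | sed 's/^[0-9][0-9]*://; s/[^0-9.].*$//'
}

# Succeed (exit 0) when the upstream version in "$1" is below 4.0.7.
# An empty or unparseable version is treated as vulnerable so it gets reviewed.
tiff_version_is_vulnerable() {
  v=$(upstream_version "$1")
  # Split on dots; missing components count as 0.
  set -- $(printf '%s\n' "$v" | tr '.' ' ')
  major=${1:-0}; minor=${2:-0}; patch=${3:-0}
  # Encode x.y.z as one integer so a single comparison orders versions.
  [ $((major * 1000000 + minor * 1000 + patch)) -lt $((4 * 1000000 + 0 * 1000 + 7)) ]
}

# Read "package version" lines on stdin, print the libtiff/tiff packages that
# need review, and exit 0 if at least one was flagged (1 otherwise) so the
# result can drive a patch-management decision. The libtiff*/tiff* name
# filter is an assumption about package naming, adjust it for your distro.
report_vulnerable_tiff() {
  flagged=1
  while IFS=' ' read -r pkg ver; do
    case "$pkg" in
      libtiff*|tiff*) ;;
      *) continue ;;
    esac
    if tiff_version_is_vulnerable "$ver"; then
      printf '%s %s: upstream version below 4.0.7, confirm against vendor advisory\n' "$pkg" "$ver"
      flagged=0
    fi
  done
  return $flagged
}

# Stand-alone run over the constructed sample. On a real Debian host replace
# the printf with: dpkg-query -W -f='${Package} ${Version}\n'
printf '%s\n' "$SAMPLE_PACKAGES" | report_vulnerable_tiff
```

The exit status of report_vulnerable_tiff is meant for automation: a non-zero result means nothing was flagged, so a config-management or CI job can branch on it. Because Debian and Red Hat ship backported fixes under the old upstream version number, a flagged package is a prompt to check the vendor advisory, not proof that it is unpatched.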

Evidence notes

The supplied CVE description states the flaw is an integer overflow in writeBufferToSeparateStrips in tiffcrop.c in LibTIFF before 4.0.7, with denial-of-service via out-of-bounds read from a crafted TIFF file. NVD supplies CWE-125 and a CVSS 3.0 vector of AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H. The reference set includes an upstream issue tracker entry plus Debian, Red Hat, and Gentoo advisories, supporting that downstream packages were also tracked.

Official resources

Publicly disclosed in the CVE record on 2017-02-06; the source data was modified on 2026-05-13. No KEV listing is present in the supplied corpus.