CVE-2024-7006

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2024-7006

CGA ID

CGA-3wmj-vvmm-743g

Severity

Unknown

Description

A null pointer dereference flaw was found in Libtiff via tif_dirinfo.c. This issue may allow an attacker to trigger memory allocation failures through certain means, such as restricting the heap space size or injecting faults, causing a segmentation fault. This can cause an application crash, eventually leading to a denial of service.

References

https://images.chainguard.dev/security/CGA-3wmj-vvmm-743g
https://github.com/advisories/GHSA-r7x8-hv2q-v9r7
https://access.redhat.com/errata/RHSA-2024:6360
https://access.redhat.com/errata/RHSA-2024:8833
https://access.redhat.com/errata/RHSA-2024:8914
https://security.netapp.com/advisory/ntap-20240920-0001/
https://bugzilla.redhat.com/show_bug.cgi?id=2302996
https://access.redhat.com/security/cve/CVE-2024-7006
https://security-tracker.debian.org/tracker/CVE-2024-7006

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

Safe Source for Open Source™

Media Kit Contact Us

Private Policy

CVE-2024-7006

Severity

Description

References

Affected packages

Products

Why Chainguard

Customers

Company

Resources