{"id":"CVE-2022-3570","details":"Multiple heap buffer overflows in the tiffcrop.c utility in the libtiff library, version 4.4.0, allow an attacker to trigger unsafe or out-of-bounds memory access via a crafted TIFF image file, which could result in an application crash, potential information disclosure, or any other context-dependent impact","modified":"2026-04-02T08:04:38.045012Z","published":"2022-10-21T00:00:00Z","related":["ALSA-2023:2340","MGASA-2022-0410","SUSE-SU-2022:4411-1","SUSE-SU-2023:0060-1","openSUSE-SU-2024:12604-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/3xxx/CVE-2022-3570.json","cna_assigner":"GitLab"},"references":[{"type":"WEB","url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3570.json"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/3xxx/CVE-2022-3570.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3570"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20230203-0002/"},{"type":"ADVISORY","url":"https://www.debian.org/security/2023/dsa-5333"},{"type":"REPORT","url":"https://gitlab.com/libtiff/libtiff/-/issues/381"},{"type":"REPORT","url":"https://gitlab.com/libtiff/libtiff/-/issues/386"},{"type":"FIX","url":"https://gitlab.com/libtiff/libtiff/-/commit/bd94a9b383d8755a27b5a1bc27660b8ad10b094c"},{"type":"ARTICLE","url":"https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://gitlab.com/libtiff/libtiff","events":[{"introduced":"616624213caa4017313ca0aac850c1101759d4ff"},{"fixed":"bd94a9b383d8755a27b5a1bc27660b8ad10b094c"}]}],"versions":["v3.9.0","v3.9.1","v3.9.2","v3.9.3","v3.9.4","v3.9.5","v3.9.6","v3.9.7"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-3570.json","vanir_signatures":[{"signature_type":"Function","digest":{"length":743,"function_hash":"7341429357905871431269204057
1144124868"},"signature_version":"v1","source":"https://gitlab.com/libtiff/libtiff@bd94a9b383d8755a27b5a1bc27660b8ad10b094c","deprecated":false,"target":{"file":"tools/tiffcrop.c","function":"createImageSection"},"id":"CVE-2022-3570-061a9c90"},{"signature_type":"Function","digest":{"length":3819,"function_hash":"141138543903544857430709045825714267094"},"signature_version":"v1","source":"https://gitlab.com/libtiff/libtiff@bd94a9b383d8755a27b5a1bc27660b8ad10b094c","deprecated":false,"target":{"file":"tools/tiffcrop.c","function":"readSeparateStripsIntoBuffer"},"id":"CVE-2022-3570-0a541be4"},{"signature_type":"Function","digest":{"length":778,"function_hash":"138119707806331932256816349170203712066"},"signature_version":"v1","source":"https://gitlab.com/libtiff/libtiff@bd94a9b383d8755a27b5a1bc27660b8ad10b094c","deprecated":false,"target":{"file":"tools/tiffcrop.c","function":"readContigStripsIntoBuffer"},"id":"CVE-2022-3570-258e0fa2"},{"signature_type":"Function","digest":{"length":9653,"function_hash":"126422127142659715613190112482254930329"},"signature_version":"v1","source":"https://gitlab.com/libtiff/libtiff@bd94a9b383d8755a27b5a1bc27660b8ad10b094c","deprecated":false,"target":{"file":"tools/tiffcrop.c","function":"loadImage"},"id":"CVE-2022-3570-29759151"},{"signature_type":"Function","digest":{"length":2665,"function_hash":"40925314800921746510480144856019046063"},"signature_version":"v1","source":"https://gitlab.com/libtiff/libtiff@bd94a9b383d8755a27b5a1bc27660b8ad10b094c","deprecated":false,"target":{"file":"tools/tiffcrop.c","function":"readSeparateTilesIntoBuffer"},"id":"CVE-2022-3570-2a31dd20"},{"signature_type":"Function","digest":{"length":5025,"function_hash":"248925110061865491724233423527986258883"},"signature_version":"v1","source":"https://gitlab.com/libtiff/libtiff@bd94a9b383d8755a27b5a1bc27660b8ad10b094c","deprecated":false,"target":{"file":"tools/tiffcrop.c","function":"processCropSelections"},"id":"CVE-2022-3570-2ec2788f"},{"signature_type":"Fun
ction","digest":{"length":1872,"function_hash":"215264447365979126684343856990259888596"},"signature_version":"v1","source":"https://gitlab.com/libtiff/libtiff@bd94a9b383d8755a27b5a1bc27660b8ad10b094c","deprecated":false,"target":{"file":"tools/tiffcrop.c","function":"rotateContigSamples32bits"},"id":"CVE-2022-3570-2fd7f9a2"},{"signature_type":"Function","digest":{"length":4008,"function_hash":"115141817309752073159430108036508565628"},"signature_version":"v1","source":"https://gitlab.com/libtiff/libtiff@bd94a9b383d8755a27b5a1bc27660b8ad10b094c","deprecated":false,"target":{"file":"tools/tiffcrop.c","function":"readContigTilesIntoBuffer"},"id":"CVE-2022-3570-57221a42"},{"signature_type":"Function","digest":{"length":4830,"function_hash":"136269750220822454020027312101607687695"},"signature_version":"v1","source":"https://gitlab.com/libtiff/libtiff@bd94a9b383d8755a27b5a1bc27660b8ad10b094c","deprecated":false,"target":{"file":"tools/tiffcrop.c","function":"rotateImage"},"id":"CVE-2022-3570-59fb66fe"},{"signature_type":"Function","digest":{"length":2173,"function_hash":"80604406239685643874358365838523656869"},"signature_version":"v1","source":"https://gitlab.com/libtiff/libtiff@bd94a9b383d8755a27b5a1bc27660b8ad10b094c","deprecated":false,"target":{"file":"tools/tiffcrop.c","function":"writeBufferToContigTiles"},"id":"CVE-2022-3570-75dc5372"},{"signature_type":"Function","digest":{"length":2195,"function_hash":"2262150662903398105759501292799772252"},"signature_version":"v1","source":"https://gitlab.com/libtiff/libtiff@bd94a9b383d8755a27b5a1bc27660b8ad10b094c","deprecated":false,"target":{"file":"tools/tiffcrop.c","function":"mirrorImage"},"id":"CVE-2022-3570-784d8b56"},{"signature_type":"Function","digest":{"length":1664,"function_hash":"119176640693209472176966299152118368181"},"signature_version":"v1","source":"https://gitlab.com/libtiff/libtiff@bd94a9b383d8755a27b5a1bc27660b8ad10b094c","deprecated":false,"target":{"file":"tools/tiffcrop.c","function":"writeBufferTo
SeparateTiles"},"id":"CVE-2022-3570-7bfed0ba"},{"signature_type":"Function","digest":{"length":1923,"function_hash":"239520480060775680880811521935719455601"},"signature_version":"v1","source":"https://gitlab.com/libtiff/libtiff@bd94a9b383d8755a27b5a1bc27660b8ad10b094c","deprecated":false,"target":{"file":"tools/tiffcrop.c","function":"writeBufferToSeparateStrips"},"id":"CVE-2022-3570-7c87a141"},{"signature_type":"Function","digest":{"length":6632,"function_hash":"175810774766660255239457035353811171234"},"signature_version":"v1","source":"https://gitlab.com/libtiff/libtiff@bd94a9b383d8755a27b5a1bc27660b8ad10b094c","deprecated":false,"target":{"file":"tools/tiffcrop.c","function":"writeCroppedImage"},"id":"CVE-2022-3570-84cb8ec7"},{"signature_type":"Function","digest":{"length":2456,"function_hash":"71704160543945549931684179680938783128"},"signature_version":"v1","source":"https://gitlab.com/libtiff/libtiff@bd94a9b383d8755a27b5a1bc27660b8ad10b094c","deprecated":false,"target":{"file":"tools/tiffcrop.c","function":"createCroppedImage"},"id":"CVE-2022-3570-8e9f42b8"},{"signature_type":"Function","digest":{"length":5845,"function_hash":"58694809494002470980715476520943847072"},"signature_version":"v1","source":"https://gitlab.com/libtiff/libtiff@bd94a9b383d8755a27b5a1bc27660b8ad10b094c","deprecated":false,"target":{"file":"tools/tiffcrop.c","function":"main"},"id":"CVE-2022-3570-9cd79486"},{"signature_type":"Function","digest":{"length":2114,"function_hash":"218099889492278644452972119632796556386"},"signature_version":"v1","source":"https://gitlab.com/libtiff/libtiff@bd94a9b383d8755a27b5a1bc27660b8ad10b094c","deprecated":false,"target":{"file":"tools/tiffcrop.c","function":"extractContigSamples32bits"},"id":"CVE-2022-3570-9f243ea6"},{"signature_type":"Function","digest":{"length":6327,"function_hash":"152525237175275714259774149804315278187"},"signature_version":"v1","source":"https://gitlab.com/libtiff/libtiff@bd94a9b383d8755a27b5a1bc27660b8ad10b094c","deprecated":f
alse,"target":{"file":"tools/tiffcrop.c","function":"writeSingleSection"},"id":"CVE-2022-3570-b70878cb"},{"signature_type":"Function","digest":{"length":3205,"function_hash":"300282237262693875103273446788895575399"},"signature_version":"v1","source":"https://gitlab.com/libtiff/libtiff@bd94a9b383d8755a27b5a1bc27660b8ad10b094c","deprecated":false,"target":{"file":"tools/tiffcrop.c","function":"combineSeparateTileSamples32bits"},"id":"CVE-2022-3570-d59a31c1"},{"signature_type":"Function","digest":{"length":3169,"function_hash":"70958510816466083814326910009718151954"},"signature_version":"v1","source":"https://gitlab.com/libtiff/libtiff@bd94a9b383d8755a27b5a1bc27660b8ad10b094c","deprecated":false,"target":{"file":"tools/tiffcrop.c","function":"combineSeparateSamples32bits"},"id":"CVE-2022-3570-e585b802"},{"signature_type":"Function","digest":{"length":1593,"function_hash":"174772018215287173235632202234450107528"},"signature_version":"v1","source":"https://gitlab.com/libtiff/libtiff@bd94a9b383d8755a27b5a1bc27660b8ad10b094c","deprecated":false,"target":{"file":"tools/tiffcrop.c","function":"reverseSamples32bits"},"id":"CVE-2022-3570-ee18bbd2"},{"signature_type":"Function","digest":{"length":13324,"function_hash":"215378022298435067977074655365004903198"},"signature_version":"v1","source":"https://gitlab.com/libtiff/libtiff@bd94a9b383d8755a27b5a1bc27660b8ad10b094c","deprecated":false,"target":{"file":"tools/tiffcrop.c","function":"process_command_opts"},"id":"CVE-2022-3570-efa78595"},{"signature_type":"Line","digest":{"threshold":0.9,"line_hashes":["36904319050870050075944380293744379415","148944387846567048787496317044669209700","172353140212210332738028602722684502789","5194828710430672496475866779558353232","226880543897109840059598479198766496237","183616285124091163464860417946501741705","31250905044437836961885619983506426045","297014811199215977587974537811717617777","65509862894857715492411653985626533048","39241737324671638633653581638578108190","26549126234761
5102886724768755357909724","198051899355510570567416342530462884173","334542240662468402523792132697889876933","38129616721378605922251876588138412064","322956295904685163964998547230517209186","217072567536095540754355331082489578419","215496354072925702712033066362600511503","4855798985720185036440186036417377167","51482295414595786087010796660058203191","120078125092424858686709267167033529647","282847462696355307918282658852297439759","11633513688849953855492740151699936155","273440721008847971843817899426003101316","12803200632296440274834587653253601234","276203153516575319829672890978034786236","276590913139201738436774446670918299376","225482034960417044747789273757243770067","83029297198525156279359955420957571027","338494050993894839623046629070925028661","112475323499727224985977640149295032928","152684781266482778772780002401653601591","119408776991093585131152503228630321579","44083798554376739722226079100852778293","268005472510568949986539844613375246815","161363696180950549099064216316015976615","50153980539368073926959533296349074370","173470305070261889928025533129729755271","236831686975644281511543651397935894919","338513193602068057105418808843615435488","18848845320224210997526724864988933488","331183236537550835739069625295277148739","255621628549522519310633905201747689127","245181859317258191138812374346164905704","157008357108322322103810350592326344813","148234081781652853830599303985186451453","176077503181936332842619468132148017006","91464165583762556035127780780106574239","219617333104601556494486675845194987155","319708229044711003928503927440503149819","86762008223906166700697366016066533059","79625752929919055653670176355040858009","233708253490363765926702562682351505048","215305369697501740084220928064155098678","15087757931275097223892873054794580141","228520569627924296262840375368927506243","16438087790122706628237211050273667727","294386414007228327201120798091685938469","285177811232648080214782620008491973301","3065459792635
77873694147313403487769307","142633361785452413557190597409798244556","284467504553731755381735486738413865672","328077244555636241993492928347897532399","6358474206907447388585826919562503877","309255738321025742489099835561550455621","285799736995519489721010841515061329608","267961813986121545298078818298824549176","105400348924992323283287315775545031642","74637940698104028664660725691505378047","29594598378024092633837668467631201810","50646523611235913676332554918403608250","122748724584299805849275821259833973720","94818810755018064901706165519922283571","175376885207399548842218790344689617103","184788127750728206528829234746161075601","294604395485318682616000937523276597675","133952280478763637585514660531383164044","243492629249184718791614359966204053504","146044069348950529996407553624465395800","318191103148672757501464272365474003190","225560507003065238567830975440122956184","64971893335344681584236708952234239965","224417797872703642051019963825896261770","304436343051043342289922034312302968695","184788127750728206528829234746161075601","294604395485318682616000937523276597675","133952280478763637585514660531383164044","243492629249184718791614359966204053504","146044069348950529996407553624465395800","318191103148672757501464272365474003190","225560507003065238567830975440122956184","64971893335344681584236708952234239965","111072517274899313653383385030058799815","176804380447276410941985806010307029081","41162320797539442535307796504675856192","44499554695709036761194751116083175687","198360126933755457493876228499972534075","286077082494140296995986367879201810235","282592777527244186976544476806239371714","23706594433021290069831580925942026750","140276705429615667513513540836933257267","165221401906029886587453984638004588589","192991531621572099703449664025435074050","122375306657899601884592408454805200948","28447251047494587466120532097245248798","102525931724594160676357043782989098742","94818810755018064901706165519922283571","1753768852
07399548842218790344689617103","184788127750728206528829234746161075601","294604395485318682616000937523276597675","133952280478763637585514660531383164044","243492629249184718791614359966204053504","146044069348950529996407553624465395800","318191103148672757501464272365474003190","225560507003065238567830975440122956184","64971893335344681584236708952234239965","60886703825059905600399674728060618351","81074173380524333036405631956857366102","122280152378156491744992482328484496049","88648912575555465978017831865005428541","296417302910421840439513022223532876520","34421224208119507185476752654820489580","221851883998970723031890225603010470297","94818810755018064901706165519922283571","175376885207399548842218790344689617103","184788127750728206528829234746161075601","294604395485318682616000937523276597675","133952280478763637585514660531383164044","243492629249184718791614359966204053504","146044069348950529996407553624465395800","318191103148672757501464272365474003190","225560507003065238567830975440122956184","64971893335344681584236708952234239965","60886703825059905600399674728060618351","81074173380524333036405631956857366102","122280152378156491744992482328484496049","88648912575555465978017831865005428541","296417302910421840439513022223532876520","34421224208119507185476752654820489580","221851883998970723031890225603010470297","263731269792043266458605366349676164149","85089216065189675231358242222578191183","299919081332247595758948529659551102691","189879011385403316271244133985387952234","55545263103750355329861216911591598924","157008052667779580807819311881310994625","133983106005283273873002678394750363449","69994435046504057551390176059971392170","301360587928986060252711651331459151579","198444931075504009338135495447056193510","197678725369432663188256067628334634678","111990424677403049973389780047174054264","96000108208796951158357117870302689177","115590914812513299749944232078374738702","80276247638992851521843032208242717462","4828333763
1648446862553044806484587762","212826536487712941053738578788608116950","27500476324165212868061567444004134991","338974005378214813553392509199858061566","33481170045224031133766890525800865435","235819140701823778300040094161322487523","118170502004886593809661796605766765124","165762079751102925448587416199981022433","145096757574326528080567688825296681482","204743797162173935618564672178697310643","174508789031198191883682570018221096166","281441968363604064135029190424219700527","38838450794737620837283355296765773660","170890520232046035017540952903705550063","24263688457518249113167714450663791390","276453324436402782861961522173387945054","12271722792604723230152135592571316962","222100918255949119875447280448948122401","143795158090146254299283485047648834245","327192757535796615232381151755162669910","113822505259446774654041568110621841776","116772050802245815702978541377879540829","282562201558400969260746257971396600626","21304173115005113974223182362835487676","10150429243345004733850288588685894030","308078429452306069726657916228738420468","276309643354126506565784058865388555078","27138147848260718169849949802314770166","48512183235553039120003132786110770592","41885773884344300092969535099248053203","155168659504823143875479289701696617249","303777321523284381181619874549989494272","16746846957071274117803679056269809657","82953695621438505386424860883632291020","136203393294720774748213640991686699778","23475968419419198765550277995801454972","333219041700904414260484631889933388307","264936701785753781037428995686656963724","48934863689979791610269508847500964044","252836409316237787473835533075654596336","325227070892579518944675469821822897874","149933110139178954047306393935887770385","186795860008480675343212149950762316393","198906758318480986927818811431133215998","201262878082341686205395932979860002108","196027833412123107288424184918250053694","96856709779273790700484667928684280307","174823312249535888681934999711621695184","1320564231
9055818944477304531548801725","172338411362318530775176612810628323686","247154926460488281007111195261240425183","311542605333326286705446137596650358881","58782949384809226566602828858094343618","105558700580786003365109785227469230343","8087419299051464238016043173261638907","221374772681990449749574523280598123220","307858995266198828531986028775787214275","198906758318480986927818811431133215998","201262878082341686205395932979860002108","137281816836718792817168587678072428923","158412469871920506517679737547234193118","74691043438622883416505437799642526990","212799614174836441242686284319129474884","38410306252204995615476601030302057312","18779754731426414395490983004448318847","275677095118521996826139815564355110395","36893044600648284245768382767298348131","138475328535197147318815834180176346297","237886617039673040141195594859665638346","117537013643614350444260762643424293463","299351437139622130337217446656135511338","232713635518876406482866036961128255610","98175608000734366040627736694060387738","91202217678753618661837971986745793147","168051966204155517174301924485091907107","118705877696388375790970730910923678559","118301160123328613349691517374335155186","270233414032243174318850670456145069490","337225159139651908570001766122424819340","65069318009008150180370364180382979315","289879648741833839482061746630449751255","38410306252204995615476601030302057312","18779754731426414395490983004448318847","275677095118521996826139815564355110395","36893044600648284245768382767298348131","138475328535197147318815834180176346297","237886617039673040141195594859665638346","117537013643614350444260762643424293463","299351437139622130337217446656135511338","232713635518876406482866036961128255610","98175608000734366040627736694060387738","91202217678753618661837971986745793147","168051966204155517174301924485091907107","118705877696388375790970730910923678559","198464016156078522527645032031509142935","247572856789307146181652448809916557857","1235207280
72678360120429858273437779323","274228430951701520669587196197986285298","216112560055593108749898096699162725942","319466540162030003307867011210034586860","108027197147085147603849007544433070687","43982364495502070777293370651128671740","321577393212318608746579154848150573674","119979819340107617888669842847183743953","242752783716930481821707906824274244522","285169954143923631816165592417942037064","114639070831231960370137645545675859471","283997940529990510997896991184334793058","162596278504555250043911977615879516995","317783618004417336194327059063582020608","269879509336033516287373972137905395123","266777213098660551320129181420047218812","44828589885201257720517464690840102017","59365649461002646446457113052178208747","201963711442329163495039603266271462463","84538476077106553333309015970881775708","231002350281125155144538978362202701765","227322087507502458841483764958620181760","119979819340107617888669842847183743953","92686660175435040780757583611684790820","190127555950779266852780089587088196931","156309968344559376648440075698447439771","27138147848260718169849949802314770166","48512183235553039120003132786110770592","41885773884344300092969535099248053203","155168659504823143875479289701696617249","303777321523284381181619874549989494272","16746846957071274117803679056269809657","82953695621438505386424860883632291020","136203393294720774748213640991686699778","23475968419419198765550277995801454972","333219041700904414260484631889933388307","224417797872703642051019963825896261770","304436343051043342289922034312302968695","184788127750728206528829234746161075601","294604395485318682616000937523276597675","133952280478763637585514660531383164044","243492629249184718791614359966204053504","146044069348950529996407553624465395800","318191103148672757501464272365474003190","225560507003065238567830975440122956184","64971893335344681584236708952234239965","104860651175093560015512467907179611406","120866538416870187392040757719312667253","161942
777168383121849376143004794499574","281205859137528438191582068181844130507","109921428154797999223969000142540097893","179700301645266179495331639341747612106","123024072597647504459567535660218556948","136156110729136319818315094341911108119","17942885712866952146160590515746951942","224417797872703642051019963825896261770","304436343051043342289922034312302968695","184788127750728206528829234746161075601","294604395485318682616000937523276597675","133952280478763637585514660531383164044","243492629249184718791614359966204053504","146044069348950529996407553624465395800","318191103148672757501464272365474003190","225560507003065238567830975440122956184","64971893335344681584236708952234239965","173255509265442890798029815765447894270","191185763382470093710600431977935976094","293963065067707355678749383212546211836","319766659006799538160667181210608377562","10994383429336784002038514680312786351","203219242218068272402130481980846776104","302527271031397385624583480307492593645","251212540964436282027459739979102897630","39216821576520241481701603163671918653","200018982500423554698822991593844710392","288880598321117470102111350322250840366","189139728343451002975497974693308376196","3430017366584373907605673572830037932","237711060007208207453764032059953072229","162392344033473026821162731967957670819","38525891942565743421372133268879224916","92637393776000105781882499655261327678","67780623621198641957177548956867344590","13564189553015796301760289043333691331","67962660931968319747269875200694791762","93107580053178380656138300644878004148"]},"signature_version":"v1","source":"https://gitlab.com/libtiff/libtiff@bd94a9b383d8755a27b5a1bc27660b8ad10b094c","deprecated":false,"target":{"file":"tools/tiffcrop.c"},"id":"CVE-2022-3570-f07782ab"},{"signature_type":"Function","digest":{"length":2246,"function_hash":"38766836344493606632951850823231729423"},"signature_version":"v1","source":"https://gitlab.com/libtiff/libtiff@bd94a9b383d8755a27b5a1bc27660b8ad10b094c"
,"deprecated":false,"target":{"file":"tools/tiffcrop.c","function":"extractContigSamplesShifted32bits"},"id":"CVE-2022-3570-f4bf62e5"}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"}]}