{"id":"MGASA-2024-0055","summary":"Updated libtiff packages fix security vulnerability","details":"A segment fault (SEGV) flaw was found in libtiff that could be triggered\nby passing a crafted tiff file to the TIFFReadRGBATileExt() API.\nThis flaw allows a remote attacker to cause a heap-buffer overflow,\nleading to a denial of service. (CVE-2023-52356)\n","modified":"2026-04-16T04:44:05.366973802Z","published":"2024-03-12T00:30:17Z","upstream":["CVE-2023-52356"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2024-0055.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=32959"},{"type":"WEB","url":"https://lwn.net/Articles/965011/"},{"type":"ADVISORY","url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52356"}],"affected":[{"package":{"name":"libtiff","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/libtiff?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.5.1-1.1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2024-0055.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}