{"id":"MGASA-2024-0287","summary":"Updated libtiff packages fix security vulnerability","details":"A null pointer dereference flaw was found in Libtiff via\n`tif_dirinfo.c`. This issue may allow an attacker to trigger memory\nallocation failures through certain means, such as restricting the heap\nspace size or injecting faults, causing a segmentation fault. This can\ncause an application crash, eventually leading to a denial of service.\n(CVE-2024-7006)\n","modified":"2026-04-16T04:42:27.827861684Z","published":"2024-09-10T16:40:31Z","upstream":["CVE-2024-7006"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2024-0287.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=33538"},{"type":"WEB","url":"https://lists.suse.com/pipermail/sle-updates/2024-September/036754.html"}],"affected":[{"package":{"name":"libtiff","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/libtiff?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.5.1-1.5.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2024-0287.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}