LibTIFF - 'tif_jbig.c' Denial of Service

EDB-ID: 42300
Author: team OWL337
Published: 2017-07-06
CVE: CVE-2017-9936
Type: Dos
Platform: Linux
Aliases: N/A
Advisory/Source: Link
Tags: Denial of Service (DoS)
Vulnerable App: N/A

  
Triggered by “./tiff2ps $POC” or “./tiff2pdf $POC”

Triggered by “./tiff2ps $POC” or “./tiff2pdf $POC”

The asan debug information is below:

$./tiff2ps $POC


=================================================================
==26627==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 1792 byte(s) in 7 object(s) allocated from:
#0 0x7f7c4f1a19aa in malloc
(/usr/lib/x86_64-linux-gnu/libasan.so.2+0x989aa)
#1 0x7f7c4dca72fd (/usr/lib/x86_64-linux-gnu/libjbig.so.0+0x12fd)
#2 0x3ea (<unknown module>)

Indirect leak of 170491316224 byte(s) in 223 object(s) allocated from:
#0 0x7f7c4f1a19aa in malloc
(/usr/lib/x86_64-linux-gnu/libasan.so.2+0x989aa)
#1 0x7f7c4dca72fd (/usr/lib/x86_64-linux-gnu/libjbig.so.0+0x12fd)
#2 0x3ea (<unknown module>)

SUMMARY: AddressSanitizer: 170491318016 byte(s) leaked in 230 allocation(s).


Affected version:
<=the Latest version (4.0.8)


Credits:

This vulnerability is detected by team OWL337, with our custom fuzzer coll AFL.
Please contact [email protected] and [email protected] if you need more
info about the team, the tool or the vulnerability.


Proof of Concept:
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42300.zip

Related Posts

Comments