*** This bug is a security vulnerability *** You have been subscribed to a public security bug by Marc Deslauriers (mdeslaur):
Dear all, The following tiff2ps memory issues were found by a modified version of the kAFL fuzzer (https://github.com/RUB-SysSec/kAFL). I have attached the crashing inputs, each ASAN report and each ASAN report in "halt_on_error=false" mode to this bug report. To reproduce those memory issues, execute an ASAN build of tiff2ps with the crashing inputs as the first argument (./tiff2ps <crashing_input>). We can verify those issues for 4.0.9-4ubuntu1 (Ubuntu 16.04.4 LTS / sources from "pull-lp-source tiff"). Credits: Sergej Schumilo, Cornelius Aschermann (both of Ruhr-Universität Bochum) Best regards, Sergej Schumilo ** Affects: tiff (Ubuntu) Importance: Undecided Status: New -- Multiple heap-buffer-overflow in tiff-4.0.9 https://bugs.launchpad.net/bugs/1762418 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
