Description

A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`. This issue may allow an attacker to trigger memory allocation failures through certain means, such as restricting the heap space size or injecting faults, causing a segmentation fault. This can cause an application crash, eventually leading to a denial of service.

INFO

Published Date :

2024-08-08T20:49:45.373Z

Last Modified :

2026-01-23T17:00:51.034Z

Source :

redhat
AFFECTED PRODUCTS

The following products are affected by CVE-2024-7006 vulnerability.

Vendors Products
Libtiff
  • Libtiff
Redhat
  • Enterprise Linux
  • Enterprise Linux For Arm 64
  • Enterprise Linux For Power Little Endian Eus
  • Enterprise Linux Server Aus
  • Rhel Eus
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-7006.

URL Resource
https://access.redhat.com/errata/RHSA-2024:6360 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:8833 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:8914 cve-icon cve-icon
https://access.redhat.com/security/cve/CVE-2024-7006 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=2302996 cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2025/01/msg00019.html cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-7006 cve-icon
https://security.netapp.com/advisory/ntap-20240920-0001/ cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-7006 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact