CVE-2023-52355 - Vulnerability Details - OpenCVE

Description

An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB.

Published: 2024-01-25

Score: 7.5 High

EPSS: 1.3% Low

KEV: No

Impact:

Action:

Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

unaffected

Version	Status	Constraints
`0`	affected	< 4.6.0

Red Hat

Red Hat Enterprise Linux 9

affected

Version	Status	Constraints
`0:4.4.0-15.el9`	unaffected	< *

Red Hat

Red Hat AI Inference Server 3.2

affected

Version	Status	Constraints
`sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b`	unaffected	< *

Red Hat

Red Hat AI Inference Server 3.2

affected

Version	Status	Constraints
`sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57`	unaffected	< *

Red Hat

Red Hat AI Inference Server 3.2

affected

Version	Status	Constraints
`sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b`	unaffected	< *

Red Hat

Red Hat AI Inference Server 3.2

affected

Version	Status	Constraints
`sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f`	unaffected	< *

Red Hat

Red Hat AI Inference Server 3.2

affected

Version	Status	Constraints
`sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a`	unaffected	< *

Red Hat

Red Hat Discovery 2

affected

Version	Status	Constraints
`sha256:310df392f638ef6eca1a26db024ae2cb617db5932f886d2acddc92fb7289e740`	unaffected	< *

Red Hat Red Hat Enterprise Linux 6 unknown —

Red Hat Red Hat Enterprise Linux 7 unknown —

Red Hat Red Hat Enterprise Linux 7 unknown —

Red Hat Red Hat Enterprise Linux 8 affected —

Red Hat Red Hat Enterprise Linux 8 affected —

Configuration 1 [-]

cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:9.0:::::::*

No data.

No data available yet.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2023-57011	An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.01313.

Exploitation none

Automatable no

Technical Impact partial

References

Link	Providers
https://access.redhat.com/errata/RHSA-2025:20801
https://access.redhat.com/errata/RHSA-2025:21994
https://access.redhat.com/errata/RHSA-2025:23078
https://access.redhat.com/errata/RHSA-2025:23079
https://access.redhat.com/errata/RHSA-2025:23080
https://access.redhat.com/errata/RHSA-2026:3461
https://access.redhat.com/errata/RHSA-2026:3462
https://access.redhat.com/security/cve/CVE-2023-52355
https://bugzilla.redhat.com/show_bug.cgi?id=2251326
https://gitlab.com/libtiff/libtiff/-/issues/621
https://nvd.nist.gov/vuln/detail/CVE-2023-52355
https://www.cve.org/CVERecord?id=CVE-2023-52355

History

Fri, 27 Feb 2026 16:45:00 +0000

Type	Values Removed	Values Added
References		https://access.redhat.com/errata/RHSA-2026:3461 https://access.redhat.com/errata/RHSA-2026:3462

Wed, 10 Dec 2025 19:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat ai Inference Server
CPEs		cpe:/a:redhat:ai_inference_server:3.2::el9
Vendors & Products		Redhat ai Inference Server
References		https://access.redhat.com/errata/RHSA-2025:23078 https://access.redhat.com/errata/RHSA-2025:23079 https://access.redhat.com/errata/RHSA-2025:23080

Mon, 24 Nov 2025 21:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat discovery
CPEs		cpe:/a:redhat:discovery:2::el9
Vendors & Products		Redhat discovery
References		https://access.redhat.com/errata/RHSA-2025:21994

Tue, 11 Nov 2025 16:45:00 +0000

Type	Values Removed	Values Added
CPEs	~~cpe:/o:redhat:enterprise_linux:9~~	cpe:/a:redhat:enterprise_linux:9::appstream cpe:/a:redhat:enterprise_linux:9::crb
References		https://access.redhat.com/errata/RHSA-2025:20801

Wed, 16 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.00119}`	epss `{'score': 0.00123}`

Tue, 17 Jun 2025 14:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Subscriptions

Libtiff Libtiff

Redhat Ai Inference Server Discovery Enterprise Linux

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2024-01-25T20:03:35.031Z

Updated: 2026-02-27T17:05:04.306Z

Reserved: 2024-01-24T14:08:49.010Z

Link: CVE-2023-52355

Vulnrichment

Updated: 2024-08-02T22:55:41.592Z

NVD

Status : Modified

Published: 2024-01-25T20:15:38.353

Modified: 2026-02-27T17:16:20.137

Link: CVE-2023-52355

Redhat

Severity : Moderate

Publid Date: 2023-11-03T00:00:00Z

Links: CVE-2023-52355 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

CWE-787

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2023-52355", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "state": "PUBLISHED", "assignerShortName": "redhat", "dateReserved": "2024-01-24T14:08:49.010Z", "datePublished": "2024-01-25T20:03:35.031Z", "dateUpdated": "2026-02-27T17:05:04.306Z"}, "containers": {"cna": {"title": "Libtiff: tiffrasterscanlinesize64 produce too-big size and could cause oom", "metrics": [{"other": {"content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}, "type": "Red Hat severity rating"}}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS"}], "descriptions": [{"lang": "en", "value": "An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB."}], "affected": [{"versions": [{"status": "affected", "version": "0", "lessThan": "4.6.0", "versionType": "semver"}], "packageName": "libtiff", "collectionURL": "https://gitlab.com/libtiff/libtiff", "defaultStatus": "unaffected"}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "libtiff", "defaultStatus": "affected", "versions": [{"version": "0:4.4.0-15.el9", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:enterprise_linux:9::crb", "cpe:/a:redhat:enterprise_linux:9::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat AI Inference Server 3.2", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "rhaiis/vllm-cuda-rhel9", "defaultStatus": "affected", "versions": [{"version": "sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:ai_inference_server:3.2::el9"]}, {"vendor": "Red Hat", "product": "Red Hat AI Inference Server 3.2", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "rhaiis/vllm-rocm-rhel9", "defaultStatus": "affected", "versions": [{"version": "sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:ai_inference_server:3.2::el9"]}, {"vendor": "Red Hat", "product": "Red Hat AI Inference Server 3.2", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "rhaiis/model-opt-cuda-rhel9", "defaultStatus": "affected", "versions": [{"version": "sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:ai_inference_server:3.2::el9"]}, {"vendor": "Red Hat", "product": "Red Hat AI Inference Server 3.2", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "rhaiis/vllm-cuda-rhel9", "defaultStatus": "affected", "versions": [{"version": "sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:ai_inference_server:3.2::el9"]}, {"vendor": "Red Hat", "product": "Red Hat AI Inference Server 3.2", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "rhaiis/vllm-rocm-rhel9", "defaultStatus": "affected", "versions": [{"version": "sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:ai_inference_server:3.2::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Discovery 2", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "discovery/discovery-ui-rhel9", "defaultStatus": "affected", "versions": [{"version": "sha256:310df392f638ef6eca1a26db024ae2cb617db5932f886d2acddc92fb7289e740", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:discovery:2::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 6", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "libtiff", "defaultStatus": "unknown", "cpes": ["cpe:/o:redhat:enterprise_linux:6"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "compat-libtiff3", "defaultStatus": "unknown", "cpes": ["cpe:/o:redhat:enterprise_linux:7"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "libtiff", "defaultStatus": "unknown", "cpes": ["cpe:/o:redhat:enterprise_linux:7"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "compat-libtiff3", "defaultStatus": "affected", "cpes": ["cpe:/o:redhat:enterprise_linux:8"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "libtiff", "defaultStatus": "affected", "cpes": ["cpe:/o:redhat:enterprise_linux:8"]}], "references": [{"url": "https://access.redhat.com/errata/RHSA-2025:20801", "name": "RHSA-2025:20801", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:21994", "name": "RHSA-2025:21994", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:23078", "name": "RHSA-2025:23078", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:23079", "name": "RHSA-2025:23079", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:23080", "name": "RHSA-2025:23080", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:3461", "name": "RHSA-2026:3461", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:3462", "name": "RHSA-2026:3462", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/security/cve/CVE-2023-52355", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251326", "name": "RHBZ#2251326", "tags": ["issue-tracking", "x_refsource_REDHAT"]}, {"url": "https://gitlab.com/libtiff/libtiff/-/issues/621"}], "datePublic": "2023-11-03T00:00:00.000Z", "problemTypes": [{"descriptions": [{"cweId": "CWE-787", "description": "Out-of-bounds Write", "lang": "en", "type": "CWE"}]}], "x_redhatCweChain": "CWE-787: Out-of-bounds Write", "timeline": [{"lang": "en", "time": "2023-11-24T00:00:00.000Z", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2023-11-03T00:00:00.000Z", "value": "Made public."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2026-02-27T17:05:04.306Z"}, "x_generator": {"engine": "cvelib 1.8.0"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T22:55:41.592Z"}, "title": "CVE Program Container", "references": [{"url": "https://access.redhat.com/security/cve/CVE-2023-52355", "tags": ["vdb-entry", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251326", "name": "RHBZ#2251326", "tags": ["issue-tracking", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://gitlab.com/libtiff/libtiff/-/issues/621", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-02-21T18:49:09.493075Z", "id": "CVE-2023-52355", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-17T13:44:08.059Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://access.redhat.com/security/cve/CVE-2023-52355", "tags": ["vdb-entry", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251326", "name": "RHBZ#2251326", "tags": ["issue-tracking", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://gitlab.com/libtiff/libtiff/-/issues/621", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T22:55:41.592Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52355", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-02-21T18:49:09.493075Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-17T13:44:01.770Z"}}], "cna": {"title": "Libtiff: tiffrasterscanlinesize64 produce too-big size and could cause oom", "metrics": [{"other": {"type": "Red Hat severity rating", "content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"versions": [{"status": "affected", "version": "0", "lessThan": "4.6.0", "versionType": "semver"}], "packageName": "libtiff", "collectionURL": "https://gitlab.com/libtiff/libtiff", "defaultStatus": "unaffected"}, {"cpes": ["cpe:/a:redhat:enterprise_linux:9::crb", "cpe:/a:redhat:enterprise_linux:9::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "versions": [{"status": "unaffected", "version": "0:4.4.0-15.el9", "lessThan": "*", "versionType": "rpm"}], "packageName": "libtiff", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:ai_inference_server:3.2::el9"], "vendor": "Red Hat", "product": "Red Hat AI Inference Server 3.2", "versions": [{"status": "unaffected", "version": "sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhaiis/vllm-cuda-rhel9", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:ai_inference_server:3.2::el9"], "vendor": "Red Hat", "product": "Red Hat AI Inference Server 3.2", "versions": [{"status": "unaffected", "version": "sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhaiis/vllm-rocm-rhel9", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:ai_inference_server:3.2::el9"], "vendor": "Red Hat", "product": "Red Hat AI Inference Server 3.2", "versions": [{"status": "unaffected", "version": "sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhaiis/model-opt-cuda-rhel9", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:ai_inference_server:3.2::el9"], "vendor": "Red Hat", "product": "Red Hat AI Inference Server 3.2", "versions": [{"status": "unaffected", "version": "sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhaiis/vllm-cuda-rhel9", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:ai_inference_server:3.2::el9"], "vendor": "Red Hat", "product": "Red Hat AI Inference Server 3.2", "versions": [{"status": "unaffected", "version": "sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhaiis/vllm-rocm-rhel9", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:discovery:2::el9"], "vendor": "Red Hat", "product": "Red Hat Discovery 2", "versions": [{"status": "unaffected", "version": "sha256:310df392f638ef6eca1a26db024ae2cb617db5932f886d2acddc92fb7289e740", "lessThan": "*", "versionType": "rpm"}], "packageName": "discovery/discovery-ui-rhel9", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:6"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 6", "packageName": "libtiff", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unknown"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:7"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7", "packageName": "compat-libtiff3", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unknown"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:7"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7", "packageName": "libtiff", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unknown"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:8"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "packageName": "compat-libtiff3", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:8"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "packageName": "libtiff", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}], "timeline": [{"lang": "en", "time": "2023-11-24T00:00:00.000Z", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2023-11-03T00:00:00.000Z", "value": "Made public."}], "datePublic": "2023-11-03T00:00:00.000Z", "references": [{"url": "https://access.redhat.com/errata/RHSA-2025:20801", "name": "RHSA-2025:20801", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:21994", "name": "RHSA-2025:21994", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:23078", "name": "RHSA-2025:23078", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:23079", "name": "RHSA-2025:23079", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:23080", "name": "RHSA-2025:23080", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:3461", "name": "RHSA-2026:3461", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:3462", "name": "RHSA-2026:3462", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/security/cve/CVE-2023-52355", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251326", "name": "RHBZ#2251326", "tags": ["issue-tracking", "x_refsource_REDHAT"]}, {"url": "https://gitlab.com/libtiff/libtiff/-/issues/621"}], "x_generator": {"engine": "cvelib 1.8.0"}, "descriptions": [{"lang": "en", "value": "An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-787", "description": "Out-of-bounds Write"}]}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2026-02-27T17:05:04.306Z"}, "x_redhatCweChain": "CWE-787: Out-of-bounds Write"}}, "cveMetadata": {"cveId": "CVE-2023-52355", "state": "PUBLISHED", "dateUpdated": "2026-02-27T17:05:04.306Z", "dateReserved": "2024-01-24T14:08:49.010Z", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "datePublished": "2024-01-25T20:03:35.031Z", "assignerShortName": "redhat"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*", "matchCriteriaId": "B37DB8C1-31DE-4D92-B4CD-EE365959F1D2", "versionEndExcluding": "4.6.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB."}, {"lang": "es", "value": "Se encontr\u00f3 un fallo de falta de memoria en libtiff que podr\u00eda activarse al pasar un archivo tiff dise\u00f1ado a la API TIFFRasterScanlineSize64(). Este fallo permite que un atacante remoto provoque una denegaci\u00f3n de servicio a trav\u00e9s de una entrada manipulada con un tama\u00f1o inferior a 379 KB."}], "id": "CVE-2023-52355", "lastModified": "2026-02-27T17:16:20.137", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "secalert@redhat.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-01-25T20:15:38.353", "references": [{"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:20801"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:21994"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:23078"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:23079"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:23080"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2026:3461"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2026:3462"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/security/cve/CVE-2023-52355"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251326"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Issue Tracking"], "url": "https://gitlab.com/libtiff/libtiff/-/issues/621"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/security/cve/CVE-2023-52355"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251326"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking"], "url": "https://gitlab.com/libtiff/libtiff/-/issues/621"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "secalert@redhat.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "libtiff: TIFFRasterScanlineSize64 produce too-big size and could cause OOM", "id": "2251326", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251326"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-787", "details": ["An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB.", "An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB."], "name": "CVE-2023-52355", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "libtiff", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "compat-libtiff3", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "libtiff", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "compat-libtiff3", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "libtiff", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "libtiff", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2023-11-03T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-52355\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-52355\nhttps://gitlab.com/libtiff/libtiff/-/issues/621"], "statement": "The identified out-of-memory vulnerability in libtiff, triggered by a crafted TIFF file passed to the TIFFRasterScanlineSize64() API, presents a moderate severity concern rather than a important one due to several factors. Primarily, the exploit requires the crafted input to be smaller than 379 KB, imposing a limitation on the potential impact and reducing the likelihood of successful exploitation in practical scenarios. Furthermore, the nature of the vulnerability is limited to denial-of-service attacks, which, although disruptive, do not inherently pose a direct risk of data compromise or system compromise. However, it's important to acknowledge that denial-of-service attacks can still have significant operational implications, particularly in environments reliant on continuous availability.\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-787: Out-of-bounds Write vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\nThe platform enforces hardening guidelines to apply the most restrictive settings necessary for operational requirements. Baseline configurations and system controls ensure secure software settings, while least functionality reduces the attack surface by disabling unauthorized services and ports. The environment employs IPS/IDS and antimalware solutions to detect and prevent malicious code exploiting out-of-bounds write vulnerabilities, using mechanisms such as file integrity monitoring and patch management. Robust input validation and error handling ensure all user inputs are thoroughly validated, preventing instability, data exposure, or privilege escalation. Finally, the platform uses memory protection mechanisms such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) to strengthen resilience against out-of-bounds write exploits.", "threat_severity": "Moderate"}