CVE-2023-3316

Published: Jun 19, 2023Modified: Nov 3, 2025

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

A NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existent path or a path that requires permissions like /dev/null) while specifying zones.

Affected (1)

Products: Libtiff: Libtiff

Libtiff

1 product

Libtiff

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Libtiff Libtiff	From 3.9.0 to 4.5.1

Related CWEs

CWE-476

NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

References (9)

https://gitlab.com/libtiff/libtiff/-/issues/515

Source: reefs@jfrog.com

ExploitPatchThird Party Advisory

https://gitlab.com/libtiff/libtiff/-/merge_requests/468

Source: reefs@jfrog.com

PatchThird Party Advisory

https://lists.debian.org/debian-lts-announce/2023/07/msg00034.html

Source: reefs@jfrog.com

https://research.jfrog.com/vulnerabilities/libtiff-nullderef-dos-xray-522144/

Source: reefs@jfrog.com

ExploitThird Party Advisory

https://gitlab.com/libtiff/libtiff/-/issues/515