It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose() at tif_close.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while processing crafted input.
The product attempts to return a memory resource to the system, but it calls the wrong release function or calls the appropriate release function incorrectly.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Libtiff | Libtiff | 4.4.0-rc1 (including) | 4.4.0-rc1 (including) |
This weakness can take several forms, such as: