In LibTIFF 4.0.7, the TIFFReadDirEntryLong8Array function in libtiff/tifdirread.c mishandles a malloc operation, which allows attackers to cause a denial of service (memory leak within the function _TIFFmalloc in tifunix.c) via a crafted file.
{ "urgency": "not yet assigned" }