Decoding a 0-height tiled TIFF image iterates over every horizontal pixel. A maliciously-crafted 0-height, max-width image can force 2^32 loop iterations and a substantial amount of CPU consumption.
Thanks to Philippe Antoine (Catena cyber) for reporting this issue.
Decoding a 0-height tiled TIFF image iterates over every horizontal pixel. A maliciously-crafted 0-height, max-width image can force 2^32 loop iterations and a substantial amount of CPU consumption.
Thanks to Philippe Antoine (Catena cyber) for reporting this issue.
This is CVE-2023-29407.
This is a PRIVATE issue for CVE-2023-29407, tracked in http://b/279483698 and fixed by http://tg/1944079.
/cc @golang/security and @golang/release