CVE-2022-0907: 
NixOS vulnerability analysis and mitigation

CVE-2022-0907 is a vulnerability discovered in libtiff version 4.3.0, specifically affecting the tiffcrop functionality. The vulnerability was disclosed on March 11, 2022, and involves an unchecked return value leading to a NULL pointer dereference. This security flaw affects the LibTIFF library, which is widely used for manipulating TIFF (Tagged Image File Format) image files (NVD, MITRE).

The vulnerability stems from an unchecked return value that leads to a NULL pointer dereference in the tiffcrop functionality within libtiff 4.3.0. The issue occurs specifically in the TIFFmemset function in tifunix.c at line 340. When processing crafted TIFF files, the vulnerability can be triggered through the createImageSection function in tiffcrop.c (GitLab Issue). For users compiling libtiff from sources, the fix was made available with commit f2b656e2.

When successfully exploited, this vulnerability allows attackers to cause a denial-of-service condition by processing a specially crafted TIFF file. The vulnerability has been assigned a CVSS score of 5.5 (MEDIUM) with the vector CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H (NetApp Advisory).

The vulnerability has been fixed in various distribution releases. For Fedora, the fix was included in libtiff-4.3.0-6.fc35 and libtiff-4.3.0-6.fc36 (Fedora Update). Debian addressed this in version 4.1.0+git191117-2~deb10u4 for oldstable and 4.2.0-1+deb11u1 for stable distributions (Debian Advisory). Users are advised to upgrade to the fixed versions available through their respective package managers.