In LibTIFF 4.0.8, there is a memory malloc failure in tif_jbig.c. A crafted TIFF document can lead to an abort resulting in a remote denial of service attack.
Debian Bug report logs -
#869708
jbigkit: CVE-2017-9937
Package:
src:jbigkit;
Maintainer for src:jbigkit is Michael van der Kolff <mvanderkolff@gmailcom>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Tue, 25 Jul 2017 20:30:01 UTC
Severity: important
Tags: security, upstream
Found in version jbigkit/2 ...
In LibTIFF 408, there is a memory malloc failure in tif_jbigc A crafted TIFF document can lead to an abort resulting in a remote denial of service attack ...