CVE-2022-2521 Information

Description

It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose() at tif_close.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while processing crafted input.

Reference

https://gitlab.com/libtiff/libtiff/-/issues/422 https://gitlab.com/libtiff/libtiff/-/merge_requests/378