
CVE-2024-13978: NULL Pointer Dereference in LibTIFF

Severity: Low
Published: Fri Aug 01 2025 (08/01/2025, 21:32:07 UTC)
Source: CVE Database V5
Product: LibTIFF

Description

A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as problematic. Affected by this vulnerability is the function t2p_read_tiff_init of the file tools/tiff2pdf.c of the component fax2ps. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitation appears to be difficult. The patch is named 2ebfffb0e8836bfb1cd7d85c059cd285c59761a4. It is recommended to apply a patch to fix this issue.

AI-Powered Analysis

Last updated: 11/03/2025, 18:48:23 UTC

Technical Analysis

CVE-2024-13978 is a vulnerability in the LibTIFF library affecting versions 4.0 through 4.7.0. The flaw resides in the t2p_read_tiff_init function of the fax2ps component (file tools/tiff2pdf.c), where improper handling of input data can cause a null pointer dereference. The result is a crash of the affected process, i.e. a denial of service. The attack vector is local: an attacker needs local access with low privileges to trigger the flaw. Exploitation complexity is rated high because precise conditions are needed to reach the null pointer dereference; no user interaction or authentication bypass is involved. The vulnerability does not affect confidentiality or integrity and does not allow remote code execution. The patch, commit 2ebfffb0e8836bfb1cd7d85c059cd285c59761a4, corrects the null pointer handling. With a CVSS 4.0 score of 2.0, the vulnerability is classified as low severity. No exploits have been reported in the wild, indicating limited active threat. However, systems that rely on LibTIFF for local TIFF to PDF conversion or fax processing could experience service interruptions if the flaw is triggered.

Potential Impact

For European organizations, the primary impact is potential denial of service in applications or services that utilize LibTIFF for TIFF image processing, particularly those using the fax2ps component. This could affect document processing workflows, fax-to-PDF conversions, or other local image handling tasks. While the vulnerability does not allow data theft or code execution, disruption of critical document processing services could impact business operations, especially in sectors like legal, healthcare, or government where TIFF images and fax processing remain common. The local attack requirement and high complexity reduce the likelihood of widespread exploitation, but insider threats or compromised local accounts could leverage this vulnerability to cause service outages. Organizations with automated or batch TIFF processing on user workstations or servers should be aware of potential crashes leading to downtime or degraded service availability.

Mitigation Recommendations

European organizations should promptly apply the official patch (commit 2ebfffb0e8836bfb1cd7d85c059cd285c59761a4) to all LibTIFF installations running affected versions (4.0 through 4.7.0). Additionally, restrict local access to systems performing TIFF processing to trusted users only, minimizing the risk of local exploitation. Implement monitoring for application crashes related to the fax2ps or tiff2pdf tools to detect potential exploitation attempts. Where possible, upgrade to LibTIFF versions beyond 4.7.0 that include the fix. For environments where patching is delayed, consider isolating or sandboxing TIFF processing tasks to limit the impact of crashes. Educate local users about the risks of processing untrusted TIFF files and enforce strict file validation policies. Finally, maintain up-to-date backups of critical processing systems to enable rapid recovery from denial of service incidents.
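The two checks recommended above, a version comparison against the affected range and crash monitoring for the named tools, as an added example that is not part of the advisory or of LibTIFF. It assumes Linux kernel segfault records in the usual `comm[pid]: segfault at addr ...` form and treats a fault address inside the first page as the null pointer signature; the log lines are constructed, and a vendor backport of the fix commit cannot be detected from the version string alone.

```python
import re
from typing import Iterable, List, Tuple

# Affected range stated in the advisory: LibTIFF 4.0 up to and including 4.7.0.
FIRST_AFFECTED = (4, 0, 0)
LAST_AFFECTED = (4, 7, 0)
# Tools named in the advisory (binaries built from LibTIFF's tools/ directory).
WATCHED_TOOLS = {"tiff2pdf", "fax2ps"}

# Linux kernel segfault report: "<comm>[<pid>]: segfault at <hex addr> ip ... sp ..."
_SEGFAULT_RE = re.compile(r"(?P<comm>[\w.-]+)\[(?P<pid>\d+)\]: segfault at (?P<addr>[0-9a-f]+) ")


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '4.7.0' or 'LIBTIFF, Version 4.5.1' (tiffinfo banner) into a comparable tuple."""
    m = re.search(r"(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"no version number in {text!r}")
    return tuple(int(x) for x in m.groups(default="0"))


def is_affected(version_text: str) -> bool:
    """True when the reported LibTIFF version lies in the advisory's range 4.0 .. 4.7.0."""
    return FIRST_AFFECTED <= parse_version(version_text) <= LAST_AFFECTED


def null_deref_crashes(log_lines: Iterable[str]) -> List[dict]:
    """Flag segfaults of the watched tools whose fault address is in page zero (< 0x1000),
    the usual signature of a NULL pointer dereference; other crashes are left alone."""
    hits = []
    for line in log_lines:
        m = _SEGFAULT_RE.search(line)
        if not m or m.group("comm") not in WATCHED_TOOLS:
            continue
        addr = int(m.group("addr"), 16)
        if addr < 0x1000:
            hits.append({"tool": m.group("comm"), "pid": int(m.group("pid")), "addr": addr})
    return hits


# Constructed sample log lines (not real crash records); only lines 1 and 3 should match.
SAMPLE_LOG = [
    "kernel: tiff2pdf[4242]: segfault at 0 ip 000055d0c3a1b2c3 sp 00007ffd1234abcd error 4 in tiff2pdf[55d0c3a00000+2a000]",
    "kernel: convert[5151]: segfault at 7f1a2b3c4d5e ip 00007f1a2b000123 sp 00007ffd5678ef01 error 4 in libc.so.6[7f1a2b000000+1c0000]",
    "kernel: fax2ps[6161]: segfault at 18 ip 000055d0c3a1b2c3 sp 00007ffd1234abcd error 4 in fax2ps[55d0c3a00000+12000]",
    "systemd[1]: Started Session 3 of user alice.",
]

if __name__ == "__main__":
    print("4.7.0 affected:", is_affected("4.7.0"))
    for hit in null_deref_crashes(SAMPLE_LOG):
        print(hit)
```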


Technical Details

Data Version: 5.2
Assigner Short Name: VulDB
Date Reserved: 2025-07-30T17:46:25.713Z
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 6908f50bf612d110fe9cbe73

Added to database: 11/3/2025, 6:31:39 PM

Last enriched: 11/3/2025, 6:48:23 PM

Last updated: 11/5/2025, 1:27:11 PM

