ALT-PU-2025-11952-5

BDU:2025-13924

LOW3.3

Уязвимость библиотеки LibTIFF, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код на целевой системе

Published: 2025-11-10Modified: 2026-04-30

CVSS 3.xLOW 3.3

CVSS:3.x/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

CVSS 2.0LOW 1.7

CVSS:2.0/AV:L/AC:L/Au:S/C:N/I:N/A:P

References

CVE-2025-8961

CVE-2025-61143

MEDIUM5.5

libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tif_open.c.

Published: 2026-02-23Modified: 2026-02-25

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References

CVE-2025-61144

HIGH7.3

libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function.

Published: 2026-02-23Modified: 2026-02-25

CVSS 3.xHIGH 7.3

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

References

CVE-2025-61145

MEDIUM5.0

libtiff up to v4.7.1 was discovered to contain a double free via the component tools/tiffcrop.c.

Published: 2026-02-23Modified: 2026-02-25

CVSS 3.xMEDIUM 5.0

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H

References

CVE-2025-8961

LOW1.9

A weakness has been identified in LibTIFF 4.7.0. This affects the function main of the file tiffcrop.c of the component tiffcrop. Executing manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been made available to the public and could be exploited.

Published: 2025-08-14Modified: 2026-04-29

CVSS 2.0LOW 1.7

CVSS:2.0/AV:L/AC:L/Au:S/C:N/I:N/A:P

CVSS 3.xLOW 3.3

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

CVSS 4.0LOW 1.9

CVSS:4.0/CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

CVE-2025-9900

HIGH8.8

A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file. By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing attacker-controlled color data to an arbitrary memory location. This memory corruption can be exploited to cause a denial of service (application crash) or to achieve arbitrary code execution with the permissions of the user.

Published: 2025-09-23Modified: 2026-04-20

CVSS 3.xHIGH 8.8

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References

Package update libtiff in branch sisyphus

Closed issues (6)

Уязвимость библиотеки LibTIFF, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код на целевой системе

libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tif_open.c.

libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function.

libtiff up to v4.7.1 was discovered to contain a double free via the component tools/tiffcrop.c.

A weakness has been identified in LibTIFF 4.7.0. This affects the function main of the file tiffcrop.c of the component tiffcrop. Executing manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been made available to the public and could be exploited.