SUSE-SU-2025:3989-1 Security update for tiff

This update for tiff fixes the following issues: - CVE-2025-8851: Fixed stack-based buffer overflow vulnerability in tools/tiffcrop.c function readSeparateStripsIntoBuffer by implementing additional error handling bsc1248278...

CVE-2025-8851

A stack based buffer overflow flaw has been discovered in libTIFF. An attacker with local access may be able to craft input to the readSeparateStripsetoBuffer function in the file tools/tiffcrop.c that triggers this flaw. This issue could allow an attacker to achieve local code execution in the...

CVE-2023-3164

A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. This flaw allows attackers to cause a denial of service via a crafted tiff file...

LibTIFF 缓冲区错误漏洞

LibTIFF is a library for reading and writing TIFF Tagged Image File Format files. The library contains a number of command line tools for processing TIFF files.LibTIFF suffers from a buffer overflow vulnerability that stems from an out-of-bounds write in extractContigSamplesShifted24bits in...

LibTIFF tools/tiffcrop.c out-of-bounds write buffer overflow vulnerability

Silicon Graphics LibTIFF is a library for reading and writing TIFF Tagged Image File Format files from Silicon Graphics, USA. The library contains a number of command-line tools for processing TIFF files. A security vulnerability exists in libtiff version 4.0.6 in tools/tiffcrop.c, which can be...