Astra Linux - уязвимость в tiff

A vulnerability was discovered in the TIFFReadDirectory function of libtiff before version 4.4.0, which allows attackers to cause a denial of service through a crafted TIFF file...

libtiff security update

An update is available for libtiff. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libtiff packages contain a library of functions for manipulating Tagged...

libtiff: Segment fault in libtiff in TIFFReadRGBATileExt() leading to denial of service

A segment fault SEGV flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service...

RHEL 9 : libtiff (RHSA-2026:5958)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:5958 advisory. The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: Segment fault in...

SUSE-SU-2025:3941-1 Security update for tiff

This update for tiff fixes the following issues: - CVE-2025-9900: Fixed Write-What-Where in libtiff via TIFFReadRGBAImageOriented bsc1250413...

Amazon Linux 2023 : libtiff, libtiff-devel, libtiff-static (ALAS2023-2025-1215)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1215 advisory. Write-What-Where in libtiff via TIFFReadRGBAImageOriented CVE-2025-9900 Tenable has extracted the preceding description block directly from the tested product security advisory. Note that Nessus has no...

Important: libtiff

Issue Overview: Write-What-Where in libtiff via TIFFReadRGBAImageOriented CVE-2025-9900 Affected Packages: libtiff Issue Correction: Run dnf update libtiff --releasever 2023.9.20251014 or dnf update --advisory ALAS2023-2025-1215 --releasever 2023.9.20251014 to update your system. More information...

compat-libtiff3 security update

3.9.4-14 - fix CVE-2025-9900: Write-What-Where via TIFFReadRGBAImageOriented RHEL-112528...

Unity Linux 20.1070e Security Update: libtiff (UTSA-2025-680642)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-680642 advisory. Null source pointer passed as an argument to memcpy function within TIFFReadDirectory in tifdirread.c in libtiff versions from 4.0 to 4.3.0 could lead to Denial of...

Null Pointer Dereference

libtiff.so is vulnerable to Null Pointer Dereference. The vulnerability is due to improper handling in the t2preadtiffinit function of tools/tiff2pdf.c in the fax2ps component, which allows a local attacker to trigger a null pointer dereference under complex conditions...

PT-2024-5544 · Libtiff +1 · Libtiff +1

Name of the Vulnerable Software and Affected Versions: LibTIFF affected versions not specified Description: The issue is related to the TIFFReadEncodedStrip function in the LibTIFF library, which is associated with an uncontrolled resource consumption. This can be exploited by a remote attacker t...

AZL-43891 CVE-2023-52356 affecting package openjpeg2 2.3.1-12

A segment fault SEGV flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service...

AZL-34955 CVE-2023-52356 affecting package libtiff for versions less than 4.6.0-2

A segment fault SEGV flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service...

The vulnerability of the TIFFReadDirectory function in the LibTIFF library, which allows a hacker to cause a service failure.

The vulnerability of the TIFFReadDirectory function in the LibTIFF library is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability could allow a malicious actor to cause service failures...

SUSE CVE-2012-2088

Integer signedness error in the TIFFReadDirectory function in tifdirread.c in libtiff 3.9.4 and earlier allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a negative tile depth in a tiff image, which triggers an improper conversion betwe...

SUSE CVE-2017-9815

In LibTIFF 4.0.7, the TIFFReadDirEntryLong8Array function in libtiff/tifdirread.c mishandles a malloc operation, which allows attackers to cause a denial of service memory leak within the function TIFFmalloc in tifunix.c via a crafted file...

SUSE CVE-2022-0562

Null source pointer passed as an argument to memcpy function within TIFFReadDirectory in tifdirread.c in libtiff versions from 4.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, a fix is available with commit 561599c...

libtiff: Null source pointer lead to Denial of Service via crafted TIFF file

A flaw was found in libtiff where a NULL source pointer passed as an argument to the memcpy function within the TIFFReadDirectory in tifdirread.c. This flaw allows an attacker to exploit this vulnerability via a crafted TIFF file, causing a crash and leading to a denial of service...

DEBIAN-CVE-2022-3970

A vulnerability was found in LibTIFF. It has been classified as critical. This affects the function TIFFReadRGBATileExt of the file libtiff/tifgetimage.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and m...

libtiff: Null source pointer lead to Denial of Service via crafted TIFF file

A flaw was found in libtiff where a NULL source pointer passed as an argument to the memcpy function within the TIFFReadDirectory in tifdirread.c. This flaw allows an attacker to exploit this vulnerability via a crafted TIFF file, causing a crash and leading to a denial of service...