libtiff security update

4.0.3-35.0.1 - fix CVE-2025-8176: prevent skipping first line in tiffdither and tiffmedian tools Orabug: 38658716 - fix CVE-2025-8177: buffer overflow thumbnail setrow Orabug: 38658716 - fix CVE-2025-9900: buffer underflow crash in TIFFReadRGBAImageOriented Orabug: 38658716...

JLSEC-2025-318 A vulnerability was found in LibTIFF up to 4.7.0

A vulnerability was found in LibTIFF up to 4.7.0. It has been rated as critical. This issue affects the function setrow of the file tools/thumbnail.c. The manipulation leads to buffer overflow. An attack has to be approached locally. The patch is named e8c9d6c616b19438695fd829e58ae4fde5bfbc22. It...

libtiff: LibTIFF Buffer Overflow

A flaw was found in libtiff. The setrow function in file tools/thumbnail.c contains a buffer overflow vulnerability triggered by manipulation of image data, which can allow a local attacker to cause a denial of service. This overflow occurs when processing a crafted file. The vulnerability stems...

EulerOS 2.0 SP11 : libtiff (EulerOS-SA-2025-2234)

According to the versions of the libtiff package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in LibTIFF up to 4.7.0. It has been rated as critical. This issue affects the function setrow of the file...

LibTIFF thumbnail.c setrow buffer overflow

...

Linux Distros Unpatched Vulnerability : CVE-2016-3633

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The setrow function in the thumbnail tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service out-of-bounds read via vectors relat...

Amazon Linux 2 : libtiff (ALAS-2025-2965)

The version of libtiff installed on the remote host is prior to 4.0.3-35. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2965 advisory. A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as critical. This vulnerability affects the functi...

SUSE-SU-2025:02815-1 Security update for tiff

This update for tiff fixes the following issues: - CVE-2025-8176: Fixed heap use-after-free in tools/tiffmedian.c bsc1247108 - CVE-2025-8177: Fixed possible buffer overflow in tools/thumbnail.c:setrow when processing malformed TIFF files bsc1247106...

Linux Distros Unpatched Vulnerability : CVE-2025-8177

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in LibTIFF up to 4.7.0. It has been rated as critical. This issue affects the function setrow of the file tools/thumbnail.c. The...

Buffer Overflow

libtiff.so is vulnerable to Buffer Overflow. The vulnerability is due to unsafe memory manipulation in the setrow function within tools/thumbnail.c, leading to a local buffer overflow...

OESA-2025-1921 libtiff security update

This provides support for the Tag Image File Format TIFF, a widely used format for storing image data. The latest version of the TIFF specification is available on-line in several different formats.And contains command-line programs for manipulating TIFF format image files using the libtiff...

OESA-2025-1922 libtiff security update

This provides support for the Tag Image File Format TIFF, a widely used format for storing image data. The latest version of the TIFF specification is available on-line in several different formats.And contains command-line programs for manipulating TIFF format image files using the libtiff...

OESA-2025-1920 libtiff security update

This provides support for the Tag Image File Format TIFF, a widely used format for storing image data. The latest version of the TIFF specification is available on-line in several different formats.And contains command-line programs for manipulating TIFF format image files using the libtiff...

SUSE CVE-2025-8177

A vulnerability was found in LibTIFF up to 4.7.0. It has been rated as critical. This issue affects the function setrow of the file tools/thumbnail.c. The manipulation leads to buffer overflow. An attack has to be approached locally. The patch is named e8c9d6c616b19438695fd829e58ae4fde5bfbc22. It...

AZL-65970 CVE-2025-8177 affecting package libtiff for versions less than 4.6.0-7

A vulnerability was found in LibTIFF up to 4.7.0. It has been rated as critical. This issue affects the function setrow of the file tools/thumbnail.c. The manipulation leads to buffer overflow. An attack has to be approached locally. The patch is named e8c9d6c616b19438695fd829e58ae4fde5bfbc22. It...

DEBIAN-CVE-2025-8177

A vulnerability was found in LibTIFF up to 4.7.0. It has been rated as critical. This issue affects the function setrow of the file tools/thumbnail.c. The manipulation leads to buffer overflow. An attack has to be approached locally. The patch is named e8c9d6c616b19438695fd829e58ae4fde5bfbc22. It...

AZL-65978 CVE-2025-8177 affecting package libtiff for versions less than 4.6.0-8

A vulnerability was found in LibTIFF up to 4.7.0. It has been rated as critical. This issue affects the function setrow of the file tools/thumbnail.c. The manipulation leads to buffer overflow. An attack has to be approached locally. The patch is named e8c9d6c616b19438695fd829e58ae4fde5bfbc22. It...

UBUNTU-CVE-2025-8177

A vulnerability was found in LibTIFF up to 4.7.0. It has been rated as critical. This issue affects the function setrow of the file tools/thumbnail.c. The manipulation leads to buffer overflow. An attack has to be approached locally. The patch is named e8c9d6c616b19438695fd829e58ae4fde5bfbc22. It...

CVE-2025-8177

CVE-2025-8177 affects LibTIFF up to 4.7.0. The issue is in the function setrow (tools/thumbnail.c) and leads to a buffer overflow. Local attack is required. The patch (e8c9d6c616b19438695fd829e58ae4fde5bfbc22) fixes this issue; affected deployments note the maintainer has dropped support for some...

Buffer Overflow

Overview Affected versions of this package are vulnerable to Buffer Overflow in the setrow function. An attacker can cause application instability and potentially execute arbitrary code by supplying a specially crafted image file that triggers improper bounds checking during row data assignment...