CLSA-2026-1773051259 libtiff: Fix of CVE-2025-61143

CVE-2025-61143: fix OOB in tiffdither and fix null pointer dereference in tiffcrop...

Oracle Linux 9 : libtiff (ELSA-2025-20956)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20956 advisory. - fix CVE-2025-8176: tiffdither and tiffmedian skip first line of input images RHEL-120239 Tenable has extracted the preceding description block...

Oracle Linux 7 : libtiff (ELSA-2025-21407)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-21407 advisory. - fix CVE-2025-8176: prevent skipping first line in tiffdither and tiffmedian tools Orabug: 38658716 - fix CVE-2025-8177: buffer overflow thumbnail...

libtiff security update

4.0.3-35.0.1 - fix CVE-2025-8176: prevent skipping first line in tiffdither and tiffmedian tools Orabug: 38658716 - fix CVE-2025-8177: buffer overflow thumbnail setrow Orabug: 38658716 - fix CVE-2025-9900: buffer underflow crash in TIFFReadRGBAImageOriented Orabug: 38658716...

Oracle Linux 8 : ELSA-2025-20034-0: / libtiff (ELSA-2025-200340)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-200340 advisory. 4.0.9-36 - fix CVE-2025-8176: prevent skipping first line in tiffdither and tiffmedian tools RHEL-120230 Tenable has extracted the preceding description block...

libtiff security update

4.0.9-36 - fix CVE-2025-8176: prevent skipping first line in tiffdither and tiffmedian tools RHEL-120230...

libtiff security update

4.4.0-13.2 - fix CVE-2025-8176 off-by-one error skipping first line in tiffdither and tiffmedian - Resolves: RHEL-120243 4.4.0-13.1 - fix CVE-2025-9900 buffer underflow in TIFFReadRGBAImageOriented - Resolves: RHEL-112542...

Oracle Linux 9 : libtiff (ELSA-2025-19113)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-19113 advisory. - fix CVE-2025-8176 off-by-one error skipping first line in tiffdither and tiffmedian - fix CVE-2025-9900 buffer underflow in TIFFReadRGBAImageOriente...

ALPINE-CVE-2014-8127

LibTIFF 4.0.3 allows remote attackers to cause a denial of service out-of-bounds read and crash via a crafted TIFF image to the 1 checkInkNamesString function in tifdir.c in the thumbnail tool, 2 compresscontig function in tiff2bw.c in the tiff2bw tool, 3 putcontig8bitCIELab function in...

[ASA-201611-27] lib32-libtiff: multiple issues

Arch Linux Security Advisory ASA-201611-27 ========================================== Severity: Critical Date : 2016-11-25 CVE-ID : CVE-2010-2596 CVE-2014-8127 CVE-2014-8130 CVE-2015-7313 CVE-2015-8665 CVE-2015-8668 CVE-2015-8683 CVE-2016-3186 CVE-2016-3619 CVE-2016-3620 CVE-2016-3621 CVE-2016-36...

Amazon Linux AMI : libtiff (ALAS-2016-733)

Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an application linked against libtiff into processing specially crafted files. CVE-2014-9655 , CVE-2015-1547 ,...

Scientific Linux Security Update : libtiff on 6.x i686/x86_64 (2016:1547)

The remote Scientific Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2016:1547-1 advisory. Security Fixes: Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption...

libtiff: out-of-bounds read with malformed TIFF image in multiple tools

LibTIFF 4.0.3 allows remote attackers to cause a denial of service out-of-bounds read and crash via a crafted TIFF image to the 1 checkInkNamesString function in tifdir.c in the thumbnail tool, 2 compresscontig function in tiff2bw.c in the tiff2bw tool, 3 putcontig8bitCIELab function in...

libtiff: divide by zero in the tiffdither tool

The TIFFmalloc function in tifunix.c in LibTIFF 4.0.3 does not reject a zero size, which allows remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted TIFF image that is mishandled by the TIFFWriteScanline function in tifwrite.c, as demonstrated by...

libtiff: out-of-bounds read with malformed TIFF image in multiple tools

LibTIFF 4.0.3 allows remote attackers to cause a denial of service out-of-bounds read and crash via a crafted TIFF image to the 1 checkInkNamesString function in tifdir.c in the thumbnail tool, 2 compresscontig function in tiff2bw.c in the tiff2bw tool, 3 putcontig8bitCIELab function in...

libtiff: divide by zero in the tiffdither tool

The TIFFmalloc function in tifunix.c in LibTIFF 4.0.3 does not reject a zero size, which allows remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted TIFF image that is mishandled by the TIFFWriteScanline function in tifwrite.c, as demonstrated by...

LibTIFF Divide by Zero Error Denial of Service Vulnerability

LibTiff is an application library responsible for encoding/decoding TIFF image format. The use of the LibTiff library's "tiffdither" tool to process malformed TIFF images suffers from a divide-by-zero error, which can be exploited to build a malicious application and trick the application into...

CVE-2014-8128

LibTIFF prior to 4.0.4, as used in Apple iOS before 8.4 and OS X before 10.10.4 and other products, allows remote attackers to cause a denial of service out-of-bounds write via a crafted TIFF image...