CVE-2025-61144
Published: 2026-02-23
CVE-2025-61144: libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function.
Priority: P336 high · CVSS 3.1 score 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
EPSS: 0.25% (16.5th percentile)
libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function.
Affected (4 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | tiff | < tiff 4.7.1-1 (forky) | tiff 4.7.1-1 (forky) |
| libtiff | libtiff | < 4.7.1 | 4.7.1 |
| msrc | azl3_libtiff_4.6.0-11_on_azure_linux_3.0 | — | — |
| msrc | cbl2_libtiff_4.6.0-11_on_cbl_mariner_2.0 | — | — |
CVSS provenance

| Source | Score | Severity | Vector |
|---|---|---|---|
| nvd (v3.1) | 7.3 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
| osv | 7.3 | HIGH | — |
| vendor_msrc | 9.8 | CRITICAL | — |
| vendor_debian | 7.3 | LOW | — |
| vendor_redhat | 7.3 | HIGH | — |
| vendor_ubuntu | 5.5 | MEDIUM | — |
Ubuntu
LibTIFF vulnerabilities (vendor_ubuntu · 2026-03-23 · CVSS 5.5)
CVE-2025-61143 [MEDIUM]
Summary: Several security issues were fixed in LibTIFF.
It was discovered that LibTIFF did not properly handle memory when processing certain images. An attacker could possibly use this issue to cause LibTIFF to crash, resulting in a denial of service. (CVE-2025-61143)

It was discovered that LibTIFF did not properly handle memory when processing malformed TIFF directories. An attacker could possibly use this issue to cause LibTIFF to crash, resulting in a denial of service. (CVE-2025-61144)
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
libtiff: Denial of Service via buffer overflow (vendor_redhat · 2026-02-23 · CVSS 7.3)
CVE-2025-61144 [HIGH] CWE-805
libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function.
A denial of service flaw has been found in libtiff. This stack-based buffer overflow occurs in tiffcrop (part of libtiff) within the function readSeparateStripsIntoBuffer. When processing a malformed TIFF directory (e.g., improper tags/order, missing StripByteCounts), the function overflows a stack-allocated array (srcbuffs) by accessing one element beyond its boundary in combineSeparateSamplesBytes. This leads to an AddressSanitizer-detected buffer over-read and crash.
Statement: Red Hat employs StackGuard protections which limit the impact of this vulnerability to a denial of service. An out of bounds read in libtiff on
Microsoft
libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function. (vendor_msrc · 2026-02-10 · CVSS 9.8)
CVE-2025-61144 [HIGH] CWE-119
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
Reference: https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade
Debian
CVE-2025-61144: tiff - libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSepa... (vendor_debian · 2025 · CVSS 7.3)
CVE-2025-61144 [HIGH]
libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function.
Scope: local
bookworm: open
bullseye: open
forky: resolved (fixed in 4.7.1-1)
sid: resolved (fixed in 4.7.1-1)
trixie: open
OSV
tiff vulnerabilities (osv · 2026-03-23 · CVSS 5.5)
CVE-2025-61143 [MEDIUM]
OSV
CVE-2025-61144: libtiff up to v4 (osv · 2026-02-23 · CVSS 7.3)
CVE-2025-61144 [HIGH]
libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function.
GHSA
GHSA-m6xw-mq4p-x7xv: libtiff up to v4 (ghsa_unreviewed · 2026-02-23)
CVE-2025-61144 [HIGH] CWE-119
libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function.
No detection rules found.
No public exploits indexed.
Wiz
CVE-2025-61144 Impact, Exploitability, and Mitigation Steps | Wiz (blogs_wiz · CVSS 7.3)
CVE-2025-61144 [HIGH]
CVE-2025-61144: NixOS vulnerability analysis and mitigation
libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function.
Source: NVD
Score: 7.3
Published: February 23, 2026
Severity: HIGH
CNA Score: 9.8
Affected Technologies: NixOS, Alma Linux
Has Public Exploit: Yes
Has CISA KEV Exploit: No
CISA KEV Release Date: N/A
CISA KEV Due Date: N/A
Exploitation Probability Percentile (EPSS): 8.5
Exploitation Probability (EPSS): N/A
Affected packages and libraries: mingw32-libtiff, mingw32-libtiff-static
Sources:
NVD
CBL-Mariner 2.0, 3.0 · Severity CRITICAL · Has Fix · Added at: Mar 02, 2026
Debian 11, 12, 13 · Severity LOW · No Fix · Added at: Feb 24, 2026
Debian 14 · Severity LOW · Has Fix · Added at: Feb 24, 2026
Echo · Severity HIGH · Has Fix · Add
Bugzilla
CVE-2025-61144 iv: libtiff: Denial of Service via buffer overflow [fedora-42] (bugzilla · 2026-02-23 · CVSS 7.3)
CVE-2025-61144 [HIGH]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life. Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as EOL if it remains open with a 'version' of '42'.
Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, change the 'version
Bugzilla
CVE-2025-61144 mingw-libtiff: libtiff: Denial of Service via buffer overflow [fedora-42] (bugzilla · 2026-02-23 · CVSS 7.3)
CVE-2025-61144 [HIGH]
Bugzilla
CVE-2025-61144 tkimg: libtiff: Denial of Service via buffer overflow [fedora-42] (bugzilla · 2026-02-23 · CVSS 7.3)
CVE-2025-61144 [HIGH]
Bugzilla
CVE-2025-61144 libtiff: libtiff: Denial of Service via buffer overflow [fedora-42] (bugzilla · 2026-02-23 · CVSS 7.3)
CVE-2025-61144 [HIGH]
References
https://gist.github.com/optionGo/5ad17e96a0a40f03578dd6c9f8645952
https://gitlab.com/libtiff/libtiff/-/commit/09f53a86cf26dfd961925227e59e180db617f26d
https://gitlab.com/libtiff/libtiff/-/commit/88cf9dbb48f6e172629795ecffae35d5052f68aa
https://gitlab.com/libtiff/libtiff/-/issues/740
https://gitlab.com/libtiff/libtiff/-/merge_requests/757
Published: 2026-02-23