CVE-2025-8961
published 2025-08-14CVE-2025-8961: A weakness has been identified in LibTIFF 4.7.0. This affects the function main of the file tiffcrop.c of the component tiffcrop. Executing manipulation can…
PriorityP412low3.3CVSS 3.1
AVLACLPRLUINSUCNINAL
EPSS
0.19%
8.4th percentile
A weakness has been identified in LibTIFF 4.7.0. This affects the function main of the file tiffcrop.c of the component tiffcrop. Executing manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been made available to the public and could be exploited.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | tiff | < tiff 4.7.0-5 (forky) | tiff 4.7.0-5 (forky) |
| libtiff | libtiff | — | — |
| msrc | azl3_libtiff_4.6.0-10_on_azure_linux_3.0 | — | — |
| msrc | azl3_libtiff_4.6.0-11_on_azure_linux_3.0 | — | — |
| msrc | azl3_libtiff_4.6.0-7_on_azure_linux_3.0 | — | — |
| msrc | azl3_libtiff_4.6.0-8_on_azure_linux_3.0 | — | — |
| msrc | cbl2_libtiff_4.6.0-10_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_libtiff_4.6.0-11_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_libtiff_4.6.0-6_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_libtiff_4.6.0-8_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_libtiff_4.6.0-9_on_cbl_mariner_2.0 | — | — |
CVSS provenance
nvdv3.13.3LOWCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
nvdv4.01.9LOWCVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
nvdv2.01.7LOWAV:L/AC:L/Au:S/C:N/I:N/A:P
osv4.8MEDIUM
vendor_debian4.8LOW
vendor_redhat4.8MEDIUM
vendor_msrc3.3LOW
vendor_ubuntu3.3LOW
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
LibTIFF vulnerabilities
vendor_ubuntu·2025-09-29·CVSS 3.3
CVE-2025-9900 [LOW] LibTIFF vulnerabilities
Title: LibTIFF vulnerabilities
Summary: Several security issues were fixed in LibTIFF.
Xudong Cao and Yuqing Zhang discovered that LibTIFF incorrectly handled
memory when parsing malformed TIFF images. An attacker could possibly use
this issue to cause LibTIFF to crash, resulting in a denial of service.
(CVE-2025-8961)
Xudong Cao and Yuqing Zhang discovered that LibTIFF incorrectly handled
memory when parsing malformed TIFF image headers. An attacker could
possibly use this issue to cause LibTIFF to leak memory, resulting in a
denial of service. (CVE-2025-9165)
It was discovered that LibTIFF incorrectly handled memory when parsing
malformed TIFF image metadata. An attacker could possibly use this issue to
cause a denial of service, obtain sensitive information, or execute
arbitrary cod
Red Hat
libtiff: LibTIFF memory corruption
vendor_redhat·2025-08-14·CVSS 4.8
CVE-2025-8961 [MEDIUM] CWE-119 libtiff: LibTIFF memory corruption
libtiff: LibTIFF memory corruption
A weakness has been identified in LibTIFF 4.7.0. This affects the function main of the file tiffcrop.c of the component tiffcrop. Executing manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been made available to the public and could be exploited.
A memory corruption flaw was found in libTIFF. This issue affects the May function of the tiffcrop.c file in the tiffcrop component. This attack needs to be approached locally.
Mitigation: Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Package: libtiff (Red Hat Enterprise Li
Microsoft
LibTIFF tiffcrop tiffcrop.c main memory corruption
vendor_msrc·2025-08-12·CVSS 3.3
CVE-2025-8961 [MEDIUM] CWE-119 LibTIFF tiffcrop tiffcrop.c main memory corruption
LibTIFF tiffcrop tiffcrop.c main memory corruption
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Mariner: Mariner
VulDB: VulDB
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
Reference: https://learn.micr
Debian
CVE-2025-8961: tiff - A weakness has been identified in LibTIFF 4.7.0. This affects the function main ...
vendor_debian·2025·CVSS 4.8
CVE-2025-8961 [MEDIUM] CVE-2025-8961: tiff - A weakness has been identified in LibTIFF 4.7.0. This affects the function main ...
A weakness has been identified in LibTIFF 4.7.0. This affects the function main of the file tiffcrop.c of the component tiffcrop. Executing manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been made available to the public and could be exploited.
Scope: local
bookworm: open
bullseye: open
forky: resolved (fixed in 4.7.0-5)
sid: resolved (fixed in 4.7.0-5)
trixie: resolved (fixed in 4.7.0-3+deb13u1)
OSV
tiff vulnerabilities
osv·2025-09-29·CVSS 4.8
CVE-2025-8961 [MEDIUM] tiff vulnerabilities
tiff vulnerabilities
Xudong Cao and Yuqing Zhang discovered that LibTIFF incorrectly handled
memory when parsing malformed TIFF images. An attacker could possibly use
this issue to cause LibTIFF to crash, resulting in a denial of service.
(CVE-2025-8961)
Xudong Cao and Yuqing Zhang discovered that LibTIFF incorrectly handled
memory when parsing malformed TIFF image headers. An attacker could
possibly use this issue to cause LibTIFF to leak memory, resulting in a
denial of service. (CVE-2025-9165)
It was discovered that LibTIFF incorrectly handled memory when parsing
malformed TIFF image metadata. An attacker could possibly use this issue to
cause a denial of service, obtain sensitive information, or execute
arbitrary code. (CVE-2025-9900)
GHSA
GHSA-7vmv-3r46-2vxx: A vulnerability was identified in LibTIFF 4
ghsa_unreviewed·2025-08-14
CVE-2025-8961 [MEDIUM] CWE-119 GHSA-7vmv-3r46-2vxx: A vulnerability was identified in LibTIFF 4
A vulnerability was identified in LibTIFF 4.7.0. This issue affects the function May of the file tiffcrop.c of the component tiffcrop. The manipulation leads to memory corruption. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.
OSV
CVE-2025-8961: A weakness has been identified in LibTIFF 4
osv·2025-08-14·CVSS 4.8
CVE-2025-8961 [MEDIUM] CVE-2025-8961: A weakness has been identified in LibTIFF 4
A weakness has been identified in LibTIFF 4.7.0. This affects the function main of the file tiffcrop.c of the component tiffcrop. Executing manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been made available to the public and could be exploited.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2025-40177 kernel: accel/qaic: Fix bootlog initialization ordering
bugzilla·2025-11-12
CVE-2025-40177 CVE-2025-40177 kernel: accel/qaic: Fix bootlog initialization ordering
CVE-2025-40177 kernel: accel/qaic: Fix bootlog initialization ordering
In the Linux kernel, the following vulnerability has been resolved:
accel/qaic: Fix bootlog initialization ordering
As soon as we queue MHI buffers to receive the bootlog from the device,
we could be receiving data. Therefore all the resources needed to
process that data need to be setup prior to queuing the buffers.
We currently initialize some of the resources after queuing the buffers
which creates a race between the probe() and any data that comes back
from the device. If the uninitialized resources are accessed, we could
see page faults.
Fix the init ordering to close the race.
Discussion:
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2025111255-CVE-2025-40177-8961@gregkh/T
Bugzilla
CVE-2025-8961 iv: LibTIFF memory corruption [fedora-42]
bugzilla·2025-08-14·CVSS 1.9
CVE-2025-8961 [LOW] CVE-2025-8961 iv: LibTIFF memory corruption [fedora-42]
CVE-2025-8961 iv: LibTIFF memory corruption [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's policy to close all bug reports from releases that are n
Bugzilla
CVE-2025-8961 mingw-libtiff: LibTIFF memory corruption [fedora-42]
bugzilla·2025-08-14·CVSS 1.9
CVE-2025-8961 [LOW] CVE-2025-8961 mingw-libtiff: LibTIFF memory corruption [fedora-42]
CVE-2025-8961 mingw-libtiff: LibTIFF memory corruption [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's policy to close all bug reports from releases
http://www.libtiff.org/https://drive.google.com/file/d/15L4q2eD8GX3Aj3z6SWC3_FbqaM1ChUx2/view?usp=sharinghttps://gitlab.com/libtiff/libtiff/-/issues/721https://gitlab.com/libtiff/libtiff/-/issues/721#note_2670686960https://vuldb.com/?ctiid.319955https://vuldb.com/?id.319955https://vuldb.com/?submit.627957
2025-08-14
Published