CVE-2025-9165
published 2025-08-19CVE-2025-9165: A flaw has been found in LibTIFF 4.7.0. This affects the function _TIFFmallocExt/_TIFFCheckRealloc/TIFFHashSetNew/InitCCITTFax3 of the file tools/tiffcmp.c of…
PriorityP48low2.5CVSS 3.1
AVLACHPRLUINSUCNINAL
EPSS
0.20%
9.5th percentile
A flaw has been found in LibTIFF 4.7.0. This affects the function _TIFFmallocExt/_TIFFCheckRealloc/TIFFHashSetNew/InitCCITTFax3 of the file tools/tiffcmp.c of the component tiffcmp. Executing manipulation can lead to memory leak. The attack is restricted to local execution. This attack is characterized by high complexity. It is indicated that the exploitability is difficult. The exploit has been published and may be used. There is ongoing doubt regarding the real existence of this vulnerability. This patch is called ed141286a37f6e5ddafb5069347ff5d587e7a4e0. It is best practice to apply a patch to resolve this issue. A researcher disputes the security impact of this issue, because "this is a memory leak on a command line tool that is about to exit anyway". In the reply the project maintainer declares this issue as "a simple 'bug' when leaving the command line tool and (...) not a security issue at all".
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | tiff | < tiff 4.7.0-4 (forky) | tiff 4.7.0-4 (forky) |
| libtiff | libtiff | — | — |
| msrc | azl3_libtiff_4.6.0-7_on_azure_linux_3.0 | — | — |
| msrc | azl3_libtiff_4.6.0-8_on_azure_linux_3.0 | — | — |
| msrc | cbl2_libtiff_4.6.0-6_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_libtiff_4.6.0-8_on_cbl_mariner_2.0 | — | — |
CVSS provenance
nvdv3.12.5LOWCVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
nvdv4.01.1LOWCVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
nvdv2.01.0LOWAV:L/AC:H/Au:S/C:N/I:N/A:P
osv4.8MEDIUM
vendor_msrc5.5MEDIUM
vendor_ubuntu3.3LOW
vendor_debian2.0LOW
vendor_redhat2.0LOW
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
LibTIFF vulnerabilities
vendor_ubuntu·2025-09-29·CVSS 3.3
CVE-2025-9900 [LOW] LibTIFF vulnerabilities
Title: LibTIFF vulnerabilities
Summary: Several security issues were fixed in LibTIFF.
Xudong Cao and Yuqing Zhang discovered that LibTIFF incorrectly handled
memory when parsing malformed TIFF images. An attacker could possibly use
this issue to cause LibTIFF to crash, resulting in a denial of service.
(CVE-2025-8961)
Xudong Cao and Yuqing Zhang discovered that LibTIFF incorrectly handled
memory when parsing malformed TIFF image headers. An attacker could
possibly use this issue to cause LibTIFF to leak memory, resulting in a
denial of service. (CVE-2025-9165)
It was discovered that LibTIFF incorrectly handled memory when parsing
malformed TIFF image metadata. An attacker could possibly use this issue to
cause a denial of service, obtain sensitive information, or execute
arbitrary cod
Red Hat
libtiff: LibTIFF memory leak
vendor_redhat·2025-08-19·CVSS 2.0
CVE-2025-9165 [LOW] CWE-772 libtiff: LibTIFF memory leak
libtiff: LibTIFF memory leak
A flaw has been found in LibTIFF 4.7.0. This affects the function _TIFFmallocExt/_TIFFCheckRealloc/TIFFHashSetNew/InitCCITTFax3 of the file tools/tiffcmp.c of the component tiffcmp. Executing manipulation can lead to memory leak. The attack is restricted to local execution. This attack is characterized by high complexity. It is indicated that the exploitability is difficult. The exploit has been published and may be used. There is ongoing doubt regarding the real existence of this vulnerability. This patch is called ed141286a37f6e5ddafb5069347ff5d587e7a4e0. It is best practice to apply a patch to resolve this issue. A researcher disputes the security impact of this issue, because "this is a memory leak on a command line tool that is about to exit anyway". In t
Microsoft
LibTIFF tiffcmp tiffcmp.c InitCCITTFax3 memory leak
vendor_msrc·2025-08-12·CVSS 5.5
CVE-2025-9165 [LOW] CWE-401 LibTIFF tiffcmp tiffcmp.c InitCCITTFax3 memory leak
LibTIFF tiffcmp tiffcmp.c InitCCITTFax3 memory leak
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Mariner: Mariner
VulDB: VulDB
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
Reference: https://learn.mic
Debian
CVE-2025-9165: tiff - A flaw has been found in LibTIFF 4.7.0. This affects the function _TIFFmallocExt...
vendor_debian·2025·CVSS 2.0
CVE-2025-9165 [LOW] CVE-2025-9165: tiff - A flaw has been found in LibTIFF 4.7.0. This affects the function _TIFFmallocExt...
A flaw has been found in LibTIFF 4.7.0. This affects the function _TIFFmallocExt/_TIFFCheckRealloc/TIFFHashSetNew/InitCCITTFax3 of the file tools/tiffcmp.c of the component tiffcmp. Executing manipulation can lead to memory leak. The attack is restricted to local execution. This attack is characterized by high complexity. It is indicated that the exploitability is difficult. The exploit has been published and may be used. There is ongoing doubt regarding the real existence of this vulnerability. This patch is called ed141286a37f6e5ddafb5069347ff5d587e7a4e0. It is best practice to apply a patch to resolve this issue. A researcher disputes the security impact of this issue, because "this is a memory leak on a command line tool that is about to exit anyway". In the reply the project maintaine
OSV
tiff vulnerabilities
osv·2025-09-29·CVSS 4.8
CVE-2025-8961 [MEDIUM] tiff vulnerabilities
tiff vulnerabilities
Xudong Cao and Yuqing Zhang discovered that LibTIFF incorrectly handled
memory when parsing malformed TIFF images. An attacker could possibly use
this issue to cause LibTIFF to crash, resulting in a denial of service.
(CVE-2025-8961)
Xudong Cao and Yuqing Zhang discovered that LibTIFF incorrectly handled
memory when parsing malformed TIFF image headers. An attacker could
possibly use this issue to cause LibTIFF to leak memory, resulting in a
denial of service. (CVE-2025-9165)
It was discovered that LibTIFF incorrectly handled memory when parsing
malformed TIFF image metadata. An attacker could possibly use this issue to
cause a denial of service, obtain sensitive information, or execute
arbitrary code. (CVE-2025-9900)
GHSA
GHSA-64vg-6m9q-6vr3: A flaw has been found in LibTIFF 4
ghsa_unreviewed·2025-08-19
CVE-2025-9165 [MEDIUM] CWE-401 GHSA-64vg-6m9q-6vr3: A flaw has been found in LibTIFF 4
A flaw has been found in LibTIFF 4.7.0. This affects the function _TIFFmallocExt/_TIFFCheckRealloc/TIFFHashSetNew/InitCCITTFax3 of the file tools/tiffcmp.c of the component tiffcmp. Executing manipulation can lead to memory leak. The attack is restricted to local execution. The exploit has been published and may be used. This patch is called ed141286a37f6e5ddafb5069347ff5d587e7a4e0. It is best practice to apply a patch to resolve this issue.
OSV
CVE-2025-9165: A flaw has been found in LibTIFF 4
osv·2025-08-19·CVSS 2.0
CVE-2025-9165 [LOW] CVE-2025-9165: A flaw has been found in LibTIFF 4
A flaw has been found in LibTIFF 4.7.0. This affects the function _TIFFmallocExt/_TIFFCheckRealloc/TIFFHashSetNew/InitCCITTFax3 of the file tools/tiffcmp.c of the component tiffcmp. Executing manipulation can lead to memory leak. The attack is restricted to local execution. This attack is characterized by high complexity. It is indicated that the exploitability is difficult. The exploit has been published and may be used. There is ongoing doubt regarding the real existence of this vulnerability. This patch is called ed141286a37f6e5ddafb5069347ff5d587e7a4e0. It is best practice to apply a patch to resolve this issue. A researcher disputes the security impact of this issue, because "this is a memory leak on a command line tool that is about to exit anyway". In the reply the project maintaine
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2025-9165 iv: LibTIFF memory leak [fedora-42]
bugzilla·2025-08-19·CVSS 1.1
CVE-2025-9165 [LOW] CVE-2025-9165 iv: LibTIFF memory leak [fedora-42]
CVE-2025-9165 iv: LibTIFF memory leak [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's policy to close all bug reports from releases that are no long
Bugzilla
CVE-2025-9165 mingw-libtiff: LibTIFF memory leak [fedora-42]
bugzilla·2025-08-19·CVSS 1.1
CVE-2025-9165 [LOW] CVE-2025-9165 mingw-libtiff: LibTIFF memory leak [fedora-42]
CVE-2025-9165 mingw-libtiff: LibTIFF memory leak [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's policy to close all bug reports from releases that
http://www.libtiff.org/https://drive.google.com/file/d/1FWhmkzksH8-qU0ZM6seBzGNB3aPnX3G8/view?usp=sharinghttps://gitlab.com/libtiff/libtiff/-/commit/ed141286a37f6e5ddafb5069347ff5d587e7a4e0https://gitlab.com/libtiff/libtiff/-/issues/728https://gitlab.com/libtiff/libtiff/-/merge_requests/747https://vuldb.com/?ctiid.320543https://vuldb.com/?id.320543https://vuldb.com/?submit.630506https://vuldb.com/?submit.630507https://gitlab.com/libtiff/libtiff/-/issues/728#note_2709263214
2025-08-19
Published