CVE-2026-4775 — Integer Overflow or Wraparound in Tiff

CWE-190 — Integer Overflow or Wraparound8 documents8 sources

Severity

7.8HIGHNVD

EPSS

0.1%

top 73.79%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Debian Tiff Msrc Azl3 Libtiff 4.6.0-12 ON Azure Linux 3.0 Msrc Cbl2 Libtiff 4.6.0-12 ON CBL Mariner 2.0

Timeline

PublishedMar 24

Latest updateApr 9

Description

A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations, potentially causing a denial of service (application crash) or arbitrary code execution.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages3 packages

▶msrcmsrc/azl3_libtiff_4.6.0-12_on_azure_linux_3.0

▶msrcmsrc/cbl2_libtiff_4.6.0-12_on_cbl_mariner_2.0

▶debiandebian/tiff< tiff 4.5.0-6+deb12u4 (bookworm)

🔴Vulnerability Details

VulDB

LibTIFF TIFF File Parser putcontig8bitYCbCr44tile integer overflow (Nessus ID 303486 / WID-SEC-2026-1031)↗2026-04-09

▶

OSV

CVE-2026-4775: A flaw was found in the libtiff library↗2026-03-24

▶

GHSA

GHSA-cm99-m826-vgg7: A flaw was found in the libtiff library↗2026-03-24

▶

📋Vendor Advisories

Red Hat

libtiff: libtiff: Arbitrary code execution or denial of service via signed integer overflow in TIFF file processing↗2026-03-24

▶

Microsoft

Libtiff: libtiff: arbitrary code execution or denial of service via signed integer overflow in tiff file processing↗2026-03-10

▶

Debian

CVE-2026-4775: tiff - A flaw was found in the libtiff library. A remote attacker could exploit a signe...↗2026

▶

🕵️Threat Intelligence

Wiz

CVE-2026-4775 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶