CLSA-2025-1758823373
See a problem?- Import Source
- https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1758823373.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CLSA-2025-1758823373
- Upstream
- Published
- 2025-09-25T18:03:00Z
- Modified
- 2026-05-27T11:16:14.448955148Z
- Summary
- libtiff: Fix of 2 CVEs
- Details
-
- CVE-2025-8176: fix use after free vulnerability in get_histogram function that prevents proper scanline reading and processing in tools/tiffmedian.c
- CVE-2025-8177: fix array overflow in thumbnail generation that could cause buffer overflow when processing malformed TIFF files in tools/thumbnail.c
- References
Affected packages
TuxCare:AlmaLinux:9.2 / libtiff
Package
- Name
- libtiff
- Purl
- pkg:rpm/tuxcare/libtiff?distro=almalinux-9.2
TuxCare:AlmaLinux:9.2 / libtiff-devel
Package
- Name
- libtiff-devel
- Purl
- pkg:rpm/tuxcare/libtiff-devel?distro=almalinux-9.2
TuxCare:AlmaLinux:9.2 / libtiff-static
Package
- Name
- libtiff-static
- Purl
- pkg:rpm/tuxcare/libtiff-static?distro=almalinux-9.2