UBUNTU-CVE-2025-8961
- Source
- https://ubuntu.com/security/CVE-2025-8961
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-8961.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2025-8961
- Upstream
- Downstream
- Related
- Published
- 2025-08-14T13:15:00Z
- Modified
- 2026-01-20T20:13:11.080084Z
- Severity
-
- 3.3 (Low) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L CVSS Calculator
- 1.9 (Low) CVSS_V4 - CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P CVSS Calculator
- Ubuntu - low
- Summary
- [none]
- Details
-
A weakness has been identified in LibTIFF 4.7.0. This affects the function main of the file tiffcrop.c of the component tiffcrop. Executing manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been made available to the public and could be exploited.
- References
-
- https://ubuntu.com/security/CVE-2025-8961
- https://www.cve.org/CVERecord?id=CVE-2025-8961
- https://drive.google.com/file/d/15L4q2eD8GX3Aj3z6SWC3_FbqaM1ChUx2/view?usp=sharing
- https://vuldb.com/?ctiid.319955
- https://vuldb.com/?id.319955
- https://vuldb.com/?submit.627957
- https://ubuntu.com/security/notices/USN-7783-1
Affected packages
Ubuntu:22.04:LTS
tiff
Package
- Name
- tiff
- Purl
- pkg:deb/ubuntu/tiff@4.3.0-6ubuntu0.12?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.3.0-6ubuntu0.12
Affected versions
4.*
4.3.0-1
4.3.0-2
4.3.0-3
4.3.0-3build1
4.3.0-4
4.3.0-5
4.3.0-6
4.3.0-6ubuntu0.1
4.3.0-6ubuntu0.2
4.3.0-6ubuntu0.3
4.3.0-6ubuntu0.4
4.3.0-6ubuntu0.5
4.3.0-6ubuntu0.6
4.3.0-6ubuntu0.7
4.3.0-6ubuntu0.8
4.3.0-6ubuntu0.9
4.3.0-6ubuntu0.10
4.3.0-6ubuntu0.11
Ecosystem specific
{
"priority_reason": "only a DoS in command-line tool",
"availability": "No subscription required",
"binaries": [
{
"binary_version": "4.3.0-6ubuntu0.12",
"binary_name": "libtiff-dev"
},
{
"binary_version": "4.3.0-6ubuntu0.12",
"binary_name": "libtiff-opengl"
},
{
"binary_version": "4.3.0-6ubuntu0.12",
"binary_name": "libtiff-tools"
},
{
"binary_version": "4.3.0-6ubuntu0.12",
"binary_name": "libtiff5"
},
{
"binary_version": "4.3.0-6ubuntu0.12",
"binary_name": "libtiff5-dev"
},
{
"binary_version": "4.3.0-6ubuntu0.12",
"binary_name": "libtiffxx5"
}
]
}Ubuntu:24.04:LTS
tiff
Package
- Name
- tiff
- Purl
- pkg:deb/ubuntu/tiff@4.5.1+git230720-4ubuntu2.4?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.5.1+git230720-4ubuntu2.4
Affected versions
4.*
4.5.1+git230720-1ubuntu1
4.5.1+git230720-3ubuntu1
4.5.1+git230720-4ubuntu1
4.5.1+git230720-4ubuntu2
4.5.1+git230720-4ubuntu2.1
4.5.1+git230720-4ubuntu2.2
4.5.1+git230720-4ubuntu2.3
Ecosystem specific
{
"priority_reason": "only a DoS in command-line tool",
"availability": "No subscription required",
"binaries": [
{
"binary_version": "4.5.1+git230720-4ubuntu2.4",
"binary_name": "libtiff-dev"
},
{
"binary_version": "4.5.1+git230720-4ubuntu2.4",
"binary_name": "libtiff-opengl"
},
{
"binary_version": "4.5.1+git230720-4ubuntu2.4",
"binary_name": "libtiff-tools"
},
{
"binary_version": "4.5.1+git230720-4ubuntu2.4",
"binary_name": "libtiff5-dev"
},
{
"binary_version": "4.5.1+git230720-4ubuntu2.4",
"binary_name": "libtiff6"
},
{
"binary_version": "4.5.1+git230720-4ubuntu2.4",
"binary_name": "libtiffxx6"
}
]
}Ubuntu:25.10
tiff
Package
- Name
- tiff
- Purl
- pkg:deb/ubuntu/tiff@4.7.0-3ubuntu3?arch=source&distro=questing
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.7.0-3ubuntu3
Ecosystem specific
{
"priority_reason": "only a DoS in command-line tool",
"availability": "No subscription required",
"binaries": [
{
"binary_version": "4.7.0-3ubuntu3",
"binary_name": "libtiff-dev"
},
{
"binary_version": "4.7.0-3ubuntu3",
"binary_name": "libtiff-opengl"
},
{
"binary_version": "4.7.0-3ubuntu3",
"binary_name": "libtiff-tools"
},
{
"binary_version": "4.7.0-3ubuntu3",
"binary_name": "libtiff5-dev"
},
{
"binary_version": "4.7.0-3ubuntu3",
"binary_name": "libtiff6"
},
{
"binary_version": "4.7.0-3ubuntu3",
"binary_name": "libtiffxx6"
}
]
}Ubuntu:Pro:14.04:LTS
tiff
Package
- Name
- tiff
- Purl
- pkg:deb/ubuntu/tiff@4.0.3-7ubuntu0.11+esm16?arch=source&distro=esm-infra-legacy/trusty
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.0.3-7ubuntu0.11+esm16
Affected versions
4.*
4.0.2-4ubuntu3
4.0.3-5ubuntu1
4.0.3-6
4.0.3-6ubuntu1
4.0.3-7
4.0.3-7ubuntu0.1
4.0.3-7ubuntu0.2
4.0.3-7ubuntu0.3
4.0.3-7ubuntu0.4
4.0.3-7ubuntu0.6
4.0.3-7ubuntu0.7
4.0.3-7ubuntu0.8
4.0.3-7ubuntu0.9
4.0.3-7ubuntu0.10
4.0.3-7ubuntu0.11
4.0.3-7ubuntu0.11+esm1
4.0.3-7ubuntu0.11+esm2
4.0.3-7ubuntu0.11+esm3
4.0.3-7ubuntu0.11+esm4
4.0.3-7ubuntu0.11+esm5
4.0.3-7ubuntu0.11+esm6
4.0.3-7ubuntu0.11+esm7
4.0.3-7ubuntu0.11+esm8
4.0.3-7ubuntu0.11+esm9
4.0.3-7ubuntu0.11+esm10
4.0.3-7ubuntu0.11+esm11
4.0.3-7ubuntu0.11+esm12
4.0.3-7ubuntu0.11+esm13
4.0.3-7ubuntu0.11+esm14
4.0.3-7ubuntu0.11+esm15
Ecosystem specific
{
"priority_reason": "only a DoS in command-line tool",
"availability": "Available with Ubuntu Pro with Legacy support add-on: https://ubuntu.com/pro",
"binaries": [
{
"binary_version": "4.0.3-7ubuntu0.11+esm16",
"binary_name": "libtiff-opengl"
},
{
"binary_version": "4.0.3-7ubuntu0.11+esm16",
"binary_name": "libtiff-tools"
},
{
"binary_version": "4.0.3-7ubuntu0.11+esm16",
"binary_name": "libtiff4-dev"
},
{
"binary_version": "4.0.3-7ubuntu0.11+esm16",
"binary_name": "libtiff5"
},
{
"binary_version": "4.0.3-7ubuntu0.11+esm16",
"binary_name": "libtiff5-alt-dev"
},
{
"binary_version": "4.0.3-7ubuntu0.11+esm16",
"binary_name": "libtiff5-dev"
},
{
"binary_version": "4.0.3-7ubuntu0.11+esm16",
"binary_name": "libtiffxx5"
}
]
}Ubuntu:Pro:16.04:LTS
tiff
Package
- Name
- tiff
- Purl
- pkg:deb/ubuntu/tiff@4.0.6-1ubuntu0.8+esm19?arch=source&distro=esm-infra/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.0.6-1ubuntu0.8+esm19
Affected versions
4.*
4.0.3-12.3ubuntu2
4.0.5-1
4.0.6-1
4.0.6-1ubuntu0.1
4.0.6-1ubuntu0.2
4.0.6-1ubuntu0.3
4.0.6-1ubuntu0.4
4.0.6-1ubuntu0.5
4.0.6-1ubuntu0.6
4.0.6-1ubuntu0.7
4.0.6-1ubuntu0.8
4.0.6-1ubuntu0.8+esm1
4.0.6-1ubuntu0.8+esm2
4.0.6-1ubuntu0.8+esm3
4.0.6-1ubuntu0.8+esm4
4.0.6-1ubuntu0.8+esm6
4.0.6-1ubuntu0.8+esm7
4.0.6-1ubuntu0.8+esm8
4.0.6-1ubuntu0.8+esm9
4.0.6-1ubuntu0.8+esm10
4.0.6-1ubuntu0.8+esm11
4.0.6-1ubuntu0.8+esm12
4.0.6-1ubuntu0.8+esm13
4.0.6-1ubuntu0.8+esm14
4.0.6-1ubuntu0.8+esm15
4.0.6-1ubuntu0.8+esm16
4.0.6-1ubuntu0.8+esm17
4.0.6-1ubuntu0.8+esm18
Ecosystem specific
{
"priority_reason": "only a DoS in command-line tool",
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_version": "4.0.6-1ubuntu0.8+esm19",
"binary_name": "libtiff-opengl"
},
{
"binary_version": "4.0.6-1ubuntu0.8+esm19",
"binary_name": "libtiff-tools"
},
{
"binary_version": "4.0.6-1ubuntu0.8+esm19",
"binary_name": "libtiff5"
},
{
"binary_version": "4.0.6-1ubuntu0.8+esm19",
"binary_name": "libtiff5-dev"
},
{
"binary_version": "4.0.6-1ubuntu0.8+esm19",
"binary_name": "libtiffxx5"
}
]
}Ubuntu:Pro:18.04:LTS
tiff
Package
- Name
- tiff
- Purl
- pkg:deb/ubuntu/tiff@4.0.9-5ubuntu0.10+esm9?arch=source&distro=esm-infra/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.0.9-5ubuntu0.10+esm9
Affected versions
4.*
4.0.8-5
4.0.8-6
4.0.9-1
4.0.9-2
4.0.9-3
4.0.9-4
4.0.9-4ubuntu1
4.0.9-5
4.0.9-5ubuntu0.1
4.0.9-5ubuntu0.2
4.0.9-5ubuntu0.3
4.0.9-5ubuntu0.4
4.0.9-5ubuntu0.5
4.0.9-5ubuntu0.6
4.0.9-5ubuntu0.7
4.0.9-5ubuntu0.8
4.0.9-5ubuntu0.9
4.0.9-5ubuntu0.10
4.0.9-5ubuntu0.10+esm1
4.0.9-5ubuntu0.10+esm2
4.0.9-5ubuntu0.10+esm3
4.0.9-5ubuntu0.10+esm4
4.0.9-5ubuntu0.10+esm5
4.0.9-5ubuntu0.10+esm6
4.0.9-5ubuntu0.10+esm7
4.0.9-5ubuntu0.10+esm8
Ecosystem specific
{
"priority_reason": "only a DoS in command-line tool",
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_version": "4.0.9-5ubuntu0.10+esm9",
"binary_name": "libtiff-dev"
},
{
"binary_version": "4.0.9-5ubuntu0.10+esm9",
"binary_name": "libtiff-opengl"
},
{
"binary_version": "4.0.9-5ubuntu0.10+esm9",
"binary_name": "libtiff-tools"
},
{
"binary_version": "4.0.9-5ubuntu0.10+esm9",
"binary_name": "libtiff5"
},
{
"binary_version": "4.0.9-5ubuntu0.10+esm9",
"binary_name": "libtiff5-dev"
},
{
"binary_version": "4.0.9-5ubuntu0.10+esm9",
"binary_name": "libtiffxx5"
}
]
}Ubuntu:Pro:20.04:LTS
tiff
Package
- Name
- tiff
- Purl
- pkg:deb/ubuntu/tiff@4.1.0+git191117-2ubuntu0.20.04.14+esm2?arch=source&distro=esm-infra/focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.1.0+git191117-2ubuntu0.20.04.14+esm2
Affected versions
4.*
4.0.10+git191003-1
4.1.0+git191117-1
4.1.0+git191117-2
4.1.0+git191117-2build1
4.1.0+git191117-2ubuntu0.20.04.1
4.1.0+git191117-2ubuntu0.20.04.2
4.1.0+git191117-2ubuntu0.20.04.3
4.1.0+git191117-2ubuntu0.20.04.4
4.1.0+git191117-2ubuntu0.20.04.5
4.1.0+git191117-2ubuntu0.20.04.6
4.1.0+git191117-2ubuntu0.20.04.7
4.1.0+git191117-2ubuntu0.20.04.8
4.1.0+git191117-2ubuntu0.20.04.9
4.1.0+git191117-2ubuntu0.20.04.10
4.1.0+git191117-2ubuntu0.20.04.11
4.1.0+git191117-2ubuntu0.20.04.12
4.1.0+git191117-2ubuntu0.20.04.13
4.1.0+git191117-2ubuntu0.20.04.14
4.1.0+git191117-2ubuntu0.20.04.14+esm1
Ecosystem specific
{
"priority_reason": "only a DoS in command-line tool",
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_version": "4.1.0+git191117-2ubuntu0.20.04.14+esm2",
"binary_name": "libtiff-dev"
},
{
"binary_version": "4.1.0+git191117-2ubuntu0.20.04.14+esm2",
"binary_name": "libtiff-opengl"
},
{
"binary_version": "4.1.0+git191117-2ubuntu0.20.04.14+esm2",
"binary_name": "libtiff-tools"
},
{
"binary_version": "4.1.0+git191117-2ubuntu0.20.04.14+esm2",
"binary_name": "libtiff5"
},
{
"binary_version": "4.1.0+git191117-2ubuntu0.20.04.14+esm2",
"binary_name": "libtiff5-dev"
},
{
"binary_version": "4.1.0+git191117-2ubuntu0.20.04.14+esm2",
"binary_name": "libtiffxx5"
}
]
}