| Package | tiff |
|---|---|
| Version | 4.0.8-2+deb9u14 (stretch), 4.1.0+git191117-2~deb10u11 (buster) |
| Related CVEs | CVE-2024-13978 CVE-2025-9900 |
Multiple vulnerabilities were fixed in tiff, a library and tools providing support for the Tag Image File Format (TIFF).
- CVE-2024-13978
-
Affected by this vulnerability is the function t2p_read_tiff_init of the file tools/tiff2pdf.c of the component fax2ps. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitation appears to be difficult.
- CVE-2025-9900
-
This vulnerability is a “write-what-where” condition, triggered when the library processes a specially crafted TIFF image file. By providing an abnormally large image height value in the file’s metadata, an attacker can trick the library into writing attacker-controlled color data to an arbitrary memory location. This memory corruption can be exploited to cause a denial of service (application crash) or to achieve arbitrary code execution with the permissions of the user.
For Debian 10 buster, these problems have been fixed in version 4.1.0+git191117-2~deb10u11.
For Debian 9 stretch, these problems have been fixed in version 4.0.8-2+deb9u14.
We recommend that you upgrade your tiff packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.