Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Debian: tiff Critical Denial Of Service Advisory DSA-6023-1

debian
Calendar Grey October 10, 2025
Debian Logo
Upgrade recommended for Debian tiff package to prevent denial of service and arbitrary code execution risks due to input issues.
It was discovered that missing input sanitising in the libtiff library could result in denial of service or potentially the execution of arbitrary code if malformed image files are...

Summary

For the oldstable distribution (bookworm), this problem has been fixed
in version 4.5.0-6+deb12u3.

For the stable distribution (trixie), this problem has been fixed in
version 4.7.0-3+deb13u1.

We recommend that you upgrade your tiff packages.

For the detailed security status of tiff please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/tiff

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/



Severity
critical
Lowest
Low
Medium
High
Critical

Package: tiff
CVE ID: CVE-2025-9900

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here