Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 523
Alerts This Week
Warning Icon 1 523

Fedora 42: libtiff Important Null Pointer Dereference CVE-2025-8534

fedora
Calendar Grey August 15, 2025
Scroller Fedora
The recent libtiff update in Fedora 42 addresses severe null pointer dereferences that affect applications handling TIFF file processing.
fixes CVE-2025-8534: null pointer dereference in tiff2p fixes CVE-2024-13978: null pointer dereference in tiff2pdf

Summary

The libtiff package contains a library of functions for manipulating

TIFF (Tagged Image File Format) image format files. TIFF is a widely

used file format for bitmapped images. TIFF files usually end in the

.tif extension and they are often quite large.

The libtiff package should be installed if you need to manipulate TIFF

format image files.

Update Information:

fixes CVE-2025-8534: null pointer dereference in tiff2p fixes CVE-2024-13978: null pointer dereference in tiff2pdf

Change Log

* Tue Aug 12 2025 Michal Hlavinka - 4.7.0-7 - fix CVE-2024-13978: null pointer dereference in tiff2pdf (rhbz#2386201) - fix CVE-2025-8534: null pointer dereference in tiff2ps (rhbz#2386494)

References


[ 1 ] Bug #2386204 - CVE-2024-13978 libtiff: LibTIFF Null Pointer Dereference [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2386204

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-a78662be2c' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: libtiff
Product: Fedora 42
Version: 4.7.0
Release: 7.fc42
Summary: Library of functions for manipulating TIFF format image files

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.