Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 573
Alerts This Week
Warning Icon 1 573

Fedora 44 LibTiff Critical Buffer Overflow DoS Vuln 2026-cfbf964c2e

fedora
Calendar Grey July 17, 2026
Scroller Fedora
Fedora 44 updates libtiff to 4.7.2 addressing critical security issues related to code execution and DoS.
updated to 4.7.2, fixes security issues

Summary

The libtiff package contains a library of functions for manipulating

TIFF (Tagged Image File Format) image format files. TIFF is a widely

used file format for bitmapped images. TIFF files usually end in the

.tif extension and they are often quite large.

The libtiff package should be installed if you need to manipulate TIFF

format image files.

Update Information:

updated to 4.7.2, fixes security issues

Change Log

* Mon Jul 13 2026 Michal Hlavinka - 4.7.2-1 - updated to 4.7.2 (#2496751)

References


[ 1 ] Bug #2450771 - CVE-2026-4775 libtiff: libtiff: Arbitrary code execution or denial of service via signed integer overflow in TIFF file processing [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2450771 [ 2 ] Bug #2494140 - CVE-2026-12912 libtiff: libtiff: Heap-based buffer overflow via crafted PixarLog-compressed TIFF image [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2494140

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-cfbf964c2e' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: libtiff
Product: Fedora 44
Version: 4.7.2
Release: 1.fc44
Summary: Library of functions for manipulating TIFF format image files

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.