Mageia 9 libtiff Critical NULL Reference Stack Overflow Fix MGASA-2026-0106
mageia
April 21, 2026
MGASA-2026-0105 - Updated libtiff packages fix security vulnerabilities
Summary
Description:
libtiff up to v4.7.1 was discovered to contain a NULL pointer
dereference via the component libtiff/tif_open.c. (CVE-2025-61143)
libtiff up to v4.7.1 was discovered to contain a stack overflow via the
readSeparateStripsIntoBuffer function. (CVE-2025-61144)
References
- https://bugs.mageia.org/show_bug.cgi?id=35268
- https://ubuntu.com/security/notices/USN-8113-1
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61143
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61144
Topics Covered
Resolution
SRPMS
- 9/core/libtiff-4.5.1-1.7.mga9
PREVIOUS 
NEXT Severity
important
Lowest
Low
Medium
High
Critical
Publication date: 21 Apr 2026
URL: https://advisories.mageia.org/MGASA-2026-0105.html
Type: security
CVE: CVE-2025-61143, CVE-2025-61144
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!