Alerts This Week
Warning Icon 1 1,111
Alerts This Week
Warning Icon 1 1,111

Ubuntu 25.04: libtiff Moderate DoS Vulnerabilities USN-7707-1 CVE-2025-8176

ubuntu
Calendar Grey August 21, 2025
Dist Ubuntu Esm H88
Numerous Ubuntu releases updated to fix security flaws in LibTIFF, resolving multiple serious concerns.
Several security issues were fixed in LibTIFF.

Summary

Several security issues were fixed in LibTIFF.

Software Description:

- tiff: Tag Image File Format (TIFF) library

Details:

It was discovered that LibTIFF incorrectly handled certain memory

operations when using tiffmedian tool. An attacker could trick a user into

processing a specially crafted tiff image file and potentially use this

issue to cause a denial of service. (CVE-2025-8176)

It was discovered that LibTIFF did not properly perform bounds checking

in certain operations when using thumbnail tool. An attacker could trick

a user into processing a specially crafted tiff image file and

potentially use this issue to cause a denial of service. This issue only

affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2025-8177)

It was discovered that LibTIFF incorrectly handled certain memory

operations when using tiff2ps tool. An attacker could trick a user into

processing a specially crafted tiff image file and potentially use this

issue to cause a denial of service. (CVE...

Read the Full Advisory

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.04
  libtiff-tools                   4.5.1+git230720-4ubuntu4.1
  libtiff6                        4.5.1+git230720-4ubuntu4.1

Ubuntu 24.04 LTS
  libtiff-tools                   4.5.1+git230720-4ubuntu2.3
  libtiff6                        4.5.1+git230720-4ubuntu2.3

Ubuntu 22.04 LTS
  libtiff-tools                   4.3.0-6ubuntu0.11
  libtiff5                        4.3.0-6ubuntu0.11

Ubuntu 20.04 LTS
  libtiff-tools                   4.1.0+git191117-2ubuntu0.20.04.14+esm1
                                  Available with Ubuntu Pro
  libtiff5                        4.1.0+git191117-2ubuntu0.20.04.14+esm1
                                  Available with Ubuntu Pro

Ubuntu 18.04 LTS
  libtiff-tools                   4.0.9-5ubuntu0.10+esm8
                                  Available with Ubuntu Pro
  libtiff5                        4.0.9-5ubuntu0.10+esm8
                                  Available with Ubuntu Pro

Ubuntu 16.04 LTS
  libtiff-tools                   4.0.6-1ubuntu0.8+esm18
                                  Available with Ubuntu Pro
  libtiff5                        4.0.6-1ubuntu0.8+esm18
                                  Available with Ubuntu Pro

Ubuntu 14.04 LTS
  libtiff-tools                   4.0.3-7ubuntu0.11+esm15
                                  Available with Ubuntu Pro
  libtiff5                        4.0.3-7ubuntu0.11+esm15
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-7707-1

CVE-2025-8176, CVE-2025-8177, CVE-2025-8534, CVE-2025-8851

Ubuntu Security Notice USN-7707-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here