Security update for tiff SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2025:3957-1 Final 1 1 2025-11-05T15:45:20Z current 2025-11-05T15:45:20Z 2025-11-05T15:45:20Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for tiff This update for tiff fixes the following issues: Update to 4.7.1: - CVE-2025-8851: Fixed stack-based buffer overflow (bsc#1248278). - CVE-2025-9900: Fixed write-what-where via TIFFReadRGBAImageOriented (bsc#1250413). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Container containers/open-webui:0-2025-3957,Container suse/kiosk/firefox-esr:latest-2025-3957,Container suse/kiosk/xorg:latest-2025-3957,SUSE-2025-3957,SUSE-SLE-Module-Basesystem-15-SP6-2025-3957,SUSE-SLE-Module-Basesystem-15-SP7-2025-3957,SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-3957,SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-3957,openSUSE-SLE-15.6-2025-3957 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2025/suse-su-20253957-1/ Link for SUSE-SU-2025:3957-1 https://lists.suse.com/pipermail/sle-security-updates/2025-November/023161.html E-Mail link for SUSE-SU-2025:3957-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1248278 SUSE Bug 1248278 https://bugzilla.suse.com/1250413 SUSE Bug 1250413 https://www.suse.com/security/cve/CVE-2025-8851/ SUSE CVE CVE-2025-8851 page https://www.suse.com/security/cve/CVE-2025-9900/ SUSE CVE CVE-2025-9900 page Container containers/open-webui:0 Container suse/kiosk/firefox-esr:latest Container suse/kiosk/xorg:latest SUSE Linux Enterprise Module for Basesystem 15 SP6 SUSE Linux Enterprise Module for Basesystem 15 SP7 SUSE Linux Enterprise Module for Package Hub 15 SP6 SUSE Linux Enterprise Module for Package Hub 15 SP7 openSUSE Leap 15.6 libtiff6-4.7.1-150600.3.23.1 libtiff-devel-4.7.1-150600.3.23.1 libtiff-devel-32bit-4.7.1-150600.3.23.1 libtiff-devel-64bit-4.7.1-150600.3.23.1 libtiff-devel-docs-4.7.1-150600.3.23.1 libtiff6-32bit-4.7.1-150600.3.23.1 libtiff6-64bit-4.7.1-150600.3.23.1 tiff-4.7.1-150600.3.23.1 tiff-docs-4.7.1-150600.3.23.1 libtiff6-4.7.1-150600.3.23.1 as a component of Container containers/open-webui:0 libtiff6-4.7.1-150600.3.23.1 as a component of Container suse/kiosk/firefox-esr:latest libtiff6-4.7.1-150600.3.23.1 as a component of Container suse/kiosk/xorg:latest libtiff-devel-4.7.1-150600.3.23.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP6 libtiff6-4.7.1-150600.3.23.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP6 libtiff6-32bit-4.7.1-150600.3.23.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP6 libtiff-devel-4.7.1-150600.3.23.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP7 libtiff6-4.7.1-150600.3.23.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP7 libtiff6-32bit-4.7.1-150600.3.23.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP7 tiff-4.7.1-150600.3.23.1 as a component of SUSE Linux Enterprise Module for Package Hub 15 SP6 tiff-4.7.1-150600.3.23.1 as a component of SUSE Linux Enterprise Module for Package Hub 15 SP7 libtiff-devel-4.7.1-150600.3.23.1 as a component of openSUSE Leap 15.6 libtiff-devel-32bit-4.7.1-150600.3.23.1 as a component of openSUSE Leap 15.6 libtiff6-4.7.1-150600.3.23.1 as a component of openSUSE Leap 15.6 libtiff6-32bit-4.7.1-150600.3.23.1 as a component of openSUSE Leap 15.6 tiff-4.7.1-150600.3.23.1 as a component of openSUSE Leap 15.6 A vulnerability was determined in LibTIFF up to 4.5.1. Affected by this issue is the function readSeparateStripsetoBuffer of the file tools/tiffcrop.c of the component tiffcrop. The manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The patch is identified as 8a7a48d7a645992ca83062b3a1873c951661e2b3. It is recommended to apply a patch to fix this issue. CVE-2025-8851 Container containers/open-webui:0:libtiff6-4.7.1-150600.3.23.1 Container suse/kiosk/firefox-esr:latest:libtiff6-4.7.1-150600.3.23.1 Container suse/kiosk/xorg:latest:libtiff6-4.7.1-150600.3.23.1 SUSE Linux Enterprise Module for Basesystem 15 SP6:libtiff-devel-4.7.1-150600.3.23.1 SUSE Linux Enterprise Module for Basesystem 15 SP6:libtiff6-32bit-4.7.1-150600.3.23.1 SUSE Linux Enterprise Module for Basesystem 15 SP6:libtiff6-4.7.1-150600.3.23.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:libtiff-devel-4.7.1-150600.3.23.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:libtiff6-32bit-4.7.1-150600.3.23.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:libtiff6-4.7.1-150600.3.23.1 SUSE Linux Enterprise Module for Package Hub 15 SP6:tiff-4.7.1-150600.3.23.1 SUSE Linux Enterprise Module for Package Hub 15 SP7:tiff-4.7.1-150600.3.23.1 openSUSE Leap 15.6:libtiff-devel-32bit-4.7.1-150600.3.23.1 openSUSE Leap 15.6:libtiff-devel-4.7.1-150600.3.23.1 openSUSE Leap 15.6:libtiff6-32bit-4.7.1-150600.3.23.1 openSUSE Leap 15.6:libtiff6-4.7.1-150600.3.23.1 openSUSE Leap 15.6:tiff-4.7.1-150600.3.23.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20253957-1/ https://www.suse.com/security/cve/CVE-2025-8851.html CVE-2025-8851 https://bugzilla.suse.com/1248274 SUSE Bug 1248274 A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file. By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing attacker-controlled color data to an arbitrary memory location. This memory corruption can be exploited to cause a denial of service (application crash) or to achieve arbitrary code execution with the permissions of the user. CVE-2025-9900 Container containers/open-webui:0:libtiff6-4.7.1-150600.3.23.1 Container suse/kiosk/firefox-esr:latest:libtiff6-4.7.1-150600.3.23.1 Container suse/kiosk/xorg:latest:libtiff6-4.7.1-150600.3.23.1 SUSE Linux Enterprise Module for Basesystem 15 SP6:libtiff-devel-4.7.1-150600.3.23.1 SUSE Linux Enterprise Module for Basesystem 15 SP6:libtiff6-32bit-4.7.1-150600.3.23.1 SUSE Linux Enterprise Module for Basesystem 15 SP6:libtiff6-4.7.1-150600.3.23.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:libtiff-devel-4.7.1-150600.3.23.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:libtiff6-32bit-4.7.1-150600.3.23.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:libtiff6-4.7.1-150600.3.23.1 SUSE Linux Enterprise Module for Package Hub 15 SP6:tiff-4.7.1-150600.3.23.1 SUSE Linux Enterprise Module for Package Hub 15 SP7:tiff-4.7.1-150600.3.23.1 openSUSE Leap 15.6:libtiff-devel-32bit-4.7.1-150600.3.23.1 openSUSE Leap 15.6:libtiff-devel-4.7.1-150600.3.23.1 openSUSE Leap 15.6:libtiff6-32bit-4.7.1-150600.3.23.1 openSUSE Leap 15.6:libtiff6-4.7.1-150600.3.23.1 openSUSE Leap 15.6:tiff-4.7.1-150600.3.23.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20253957-1/ https://www.suse.com/security/cve/CVE-2025-9900.html CVE-2025-9900 https://bugzilla.suse.com/1250404 SUSE Bug 1250404