vulnerability

Ubuntu: USN-7783-1 (CVE-2025-9165): LibTIFF vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
1	(AV:L/AC:H/Au:S/C:N/I:N/A:P)	Aug 19, 2025	Sep 30, 2025	Oct 6, 2025

Severity

CVSS

(AV:L/AC:H/Au:S/C:N/I:N/A:P)

Published

Aug 19, 2025

Added

Sep 30, 2025

Modified

Oct 6, 2025

Description

Xudong Cao and Yuqing Zhang discovered that LibTIFF incorrectly handled
memory when parsing malformed TIFF images. An attacker could possibly use
this issue to cause LibTIFF to crash, resulting in a denial of service.
(CVE-2025-8961)

Xudong Cao and Yuqing Zhang discovered that LibTIFF incorrectly handled
memory when parsing malformed TIFF image headers. An attacker could
possibly use this issue to cause LibTIFF to leak memory, resulting in a
denial of service. (CVE-2025-9165)

It was discovered that LibTIFF incorrectly handled memory when parsing
malformed TIFF image metadata. An attacker could possibly use this issue to
cause a denial of service, obtain sensitive information, or execute
arbitrary code. (CVE-2025-9900)

Solutions

ubuntu-pro-upgrade-libtiff5ubuntu-pro-upgrade-libtiff6

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today