-------------------------------------------------------------------------
Debian LTS Advisory DLA-4315-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Jochen Sprickerhof
September 30, 2025 https://wiki.debian.org/LTS
-------------------------------------------------------------------------
Package : tiff
Version : 4.2.0-1+deb11u7
CVE ID : CVE-2024-13978 CVE-2025-9900
Debian Bug :
Multiple vulnerabilities were fixed in tiff, a library and tools
providing support for the Tag Image File Format (TIFF).
CVE-2024-13978
Affected by this vulnerability is the function t2p_read_tiff_init of
the file tools/tiff2pdf.c of the component fax2ps. The manipulation
leads to null pointer dereference. The attack needs to be approached
locally. The complexity of an attack is rather high. The exploitation
appears to be difficult.
CVE-2025-9900
This vulnerability is a "write-what-where" condition, triggered
when the library processes a specially crafted TIFF image file.
By providing an abnormally large image height value in the file's
metadata, an attacker can trick the library into writing
attacker-controlled color data to an arbitrary memory location.
This memory corruption can be exploited to cause a denial of
service (application crash) or to achieve arbitrary code execution
with the permissions of the user.
For Debian 11 bullseye, these problems have been fixed in version
4.2.0-1+deb11u7.
We recommend that you upgrade your tiff packages.
For the detailed security status of tiff please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/tiff
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
Attachment:
signature.asc
Description: PGP signature