CVE-2025-9900
Advisory
ALSA-2025:20956
Important: libtiff security update
ecosystem: alma:9The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Security Fix(es): * libtiff: LibTIFF Use-After-Free Vulnerability (CVE-2025-8176) * libtiff: Libtiff Write-What-Where (CVE-2025-9900) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References
- errata.almalinux.org: https://access.redhat.com/errata/RHSA-2025:20956
- errata.almalinux.org: https://access.redhat.com/security/cve/CVE-2025-8176
- errata.almalinux.org: https://access.redhat.com/security/cve/CVE-2025-9900
- errata.almalinux.org: https://bugzilla.redhat.com/2383598
- errata.almalinux.org: https://bugzilla.redhat.com/2392784
- errata.almalinux.org: https://errata.almalinux.org/9/ALSA-2025-20956.html
published: 2025-11-11 00:00:00
modified: 2025-11-19 09:30:23
Vulnerability
CVE-2025-9900
CVE-2025-9900
ecosystem: alma:9References
- errata.almalinux.org: https://access.redhat.com/security/cve/CVE-2025-9900
Detection
alma-errata
OR
rpm
compat-libtiff3
package type: binary
Architectures
- aarch64
- i686
- ppc64le
- s390x
- x86_64
Affected version range
less than
0:3.9.4-14.el8_10
fixed
0:3.9.4-14.el8_10
alma-errata
OR
rpm
libtiff
package type: binary
Architectures
- aarch64
- i686
- ppc64le
- s390x
- x86_64
Affected version range
less than
0:4.0.9-35.el8_10
fixed
0:4.0.9-35.el8_10
rpm
libtiff-devel
package type: binary
Architectures
- aarch64
- i686
- ppc64le
- s390x
- x86_64
Affected version range
less than
0:4.0.9-35.el8_10
fixed
0:4.0.9-35.el8_10
rpm
libtiff-tools
package type: binary
Architectures
- aarch64
- ppc64le
- s390x
- x86_64
Affected version range
less than
0:4.0.9-35.el8_10
fixed
0:4.0.9-35.el8_10
alma-errata
OR
rpm
mingw32-libtiff
package type: binary
Architectures
- noarch
Affected version range
less than
0:4.0.9-3.el8_10
fixed
0:4.0.9-3.el8_10
rpm
mingw32-libtiff-static
package type: binary
Architectures
- noarch
Affected version range
less than
0:4.0.9-3.el8_10
fixed
0:4.0.9-3.el8_10
rpm
mingw64-libtiff
package type: binary
Architectures
- noarch
Affected version range
less than
0:4.0.9-3.el8_10
fixed
0:4.0.9-3.el8_10
rpm
mingw64-libtiff-static
package type: binary
Architectures
- noarch
Affected version range
less than
0:4.0.9-3.el8_10
fixed
0:4.0.9-3.el8_10
alma-errata
OR
rpm
libtiff
package type: binary
Architectures
- aarch64
- i686
- ppc64le
- s390x
- x86_64
Affected version range
less than
0:4.4.0-13.el9_6.2
fixed
0:4.4.0-13.el9_6.2
rpm
libtiff-devel
package type: binary
Architectures
- aarch64
- i686
- ppc64le
- s390x
- x86_64
Affected version range
less than
0:4.4.0-13.el9_6.2
fixed
0:4.4.0-13.el9_6.2
rpm
libtiff-tools
package type: binary
Architectures
- aarch64
- ppc64le
- s390x
- x86_64
Affected version range
less than
0:4.4.0-13.el9_6.2
fixed
0:4.4.0-13.el9_6.2
alma-errata
OR
rpm
libtiff
package type: binary
Architectures
- aarch64
- i686
- ppc64le
- s390x
- x86_64
Affected version range
less than
0:4.4.0-15.el9_7.2
fixed
0:4.4.0-15.el9_7.2
rpm
libtiff-devel
package type: binary
Architectures
- aarch64
- i686
- ppc64le
- s390x
- x86_64
Affected version range
less than
0:4.4.0-15.el9_7.2
fixed
0:4.4.0-15.el9_7.2
rpm
libtiff-tools
package type: binary
Architectures
- aarch64
- ppc64le
- s390x
- x86_64
Affected version range
less than
0:4.4.0-15.el9_7.2
fixed
0:4.4.0-15.el9_7.2
alma-errata
OR
rpm
libtiff
package type: binary
Architectures
- aarch64
- ppc64le
- s390x
- x86_64
- x86_64_v2
Affected version range
less than
0:4.6.0-6.el10_1.1
fixed
0:4.6.0-6.el10_1.1
rpm
libtiff-devel
package type: binary
Architectures
- aarch64
- ppc64le
- s390x
- x86_64
- x86_64_v2
Affected version range
less than
0:4.6.0-6.el10_1.1
fixed
0:4.6.0-6.el10_1.1
rpm
libtiff-tools
package type: binary
Architectures
- aarch64
- ppc64le
- s390x
- x86_64
- x86_64_v2
Affected version range
less than
0:4.6.0-6.el10_1.1
fixed
0:4.6.0-6.el10_1.1
Data Sources
- AlmaLinux Errata
alma-errata
