HIGH | CVE-2026-4775 | Published | Modified | CNA: redhat
CVE-2026-4775: Libtiff: libtiff: arbitrary code execution or denial of service via signed integer overflow in tiff file processing
A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations, potentially causing a denial of service (application crash) or arbitrary code execution.
Metrics
- CVSS v3.1: 7.8
- Severity: HIGH
- Fixed in: 0:3.9.4-13.el8_4.2
- Affected Products: 30
Fix available
- 0:3.9.4-13.el8_4.2
- 0:3.9.4-13.el8_6.2
- 0:3.9.4-13.el8_8.2
- 0:3.9.4-15.el8_10
- 0:4.0.9-4.el8_10
- 0:4.0.9-18.el8_4.2
- 0:4.0.9-21.el8_6.2
- 0:4.0.9-29.el8_8.2
- 0:4.0.9-37.el8_10
- 0:4.2.0-3.el9_0.3
- 0:4.4.0-8.el9_2.5
- 0:4.4.0-12.el9_4.5
- 0:4.4.0-13.el9_6.4
- 0:4.4.0-15.el9_7.3
- 0:4.4.0-18.el9_8
- 0:4.6.0-6.el10_0.3
- 0:4.6.0-6.el10_1.3
- 0:4.6.0-8.el10_2.1
Affected packages
- Red Hat / Red Hat Enterprise Linux 10: fixed in 0:4.6.0-6.el10_1.3
- Red Hat / Red Hat Enterprise Linux 10: fixed in 0:4.6.0-8.el10_2.1
- Red Hat / Red Hat Enterprise Linux 10.0 Extended Update Support: fixed in 0:4.6.0-6.el10_0.3
- Red Hat / Red Hat Enterprise Linux 8: fixed in 0:4.0.9-37.el8_10
- Red Hat / Red Hat Enterprise Linux 8: fixed in 0:3.9.4-15.el8_10
- Red Hat / Red Hat Enterprise Linux 8: fixed in 0:4.0.9-4.el8_10
- Red Hat / Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support: fixed in 0:4.0.9-18.el8_4.2
- Red Hat / Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support: fixed in 0:3.9.4-13.el8_4.2
- Red Hat / Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On: fixed in 0:4.0.9-18.el8_4.2
- Red Hat / Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On: fixed in 0:3.9.4-13.el8_4.2
- Red Hat / Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support: fixed in 0:4.0.9-21.el8_6.2
- Red Hat / Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support: fixed in 0:3.9.4-13.el8_6.2
- Red Hat / Red Hat Enterprise Linux 8.6 Telecommunications Update Service: fixed in 0:4.0.9-21.el8_6.2
- Red Hat / Red Hat Enterprise Linux 8.6 Telecommunications Update Service: fixed in 0:3.9.4-13.el8_6.2
- Red Hat / Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions: fixed in 0:4.0.9-21.el8_6.2
- Red Hat / Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions: fixed in 0:3.9.4-13.el8_6.2
- Red Hat / Red Hat Enterprise Linux 8.8 Telecommunications Update Service: fixed in 0:4.0.9-29.el8_8.2
- Red Hat / Red Hat Enterprise Linux 8.8 Telecommunications Update Service: fixed in 0:3.9.4-13.el8_8.2
- Red Hat / Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions: fixed in 0:4.0.9-29.el8_8.2
- Red Hat / Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions: fixed in 0:3.9.4-13.el8_8.2
- Red Hat / Red Hat Enterprise Linux 9: fixed in 0:4.4.0-15.el9_7.3
- Red Hat / Red Hat Enterprise Linux 9: fixed in 0:4.4.0-18.el9_8
- Red Hat / Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions: fixed in 0:4.2.0-3.el9_0.3
- Red Hat / Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions: fixed in 0:4.4.0-8.el9_2.5
- Red Hat / Red Hat Enterprise Linux 9.4 Extended Update Support: fixed in 0:4.4.0-12.el9_4.5
- Red Hat / Red Hat Enterprise Linux 9.6 Extended Update Support: fixed in 0:4.4.0-13.el9_6.4
- Red Hat / Red Hat Enterprise Linux 6
- Red Hat / Red Hat Enterprise Linux 7
- Red Hat / Red Hat Enterprise Linux 7
- Red Hat / Red Hat Hardened Images
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H