PT-2025-33864 · Libtiff+7 · Libtiff+7

Heureuxbuilding

Publicado

2025-08-04

Atualizado

2025-11-19

CVE-2025-9165

CVSS v3.1

2.5

Baixa

Vetor

AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions: LibTIFF version 4.7.0

Description: A memory leak issue exists in LibTIFF due to the functions TIFFmallocExt, TIFFCheckRealloc, TIFFHashSetNew, and InitCCITTFax3 within the tools/tiffcmp.c file of the tiffcmp component. The issue is restricted to local execution.

Recommendations: Apply the patch ed141286a37f6e5ddafb5069347ff5d587e7a4e0 to resolve this issue.

Exploit

Correção

Improper Resource Release

Memory Leak

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-404CWE-401

Identificadores relacionados

ALT-PU-2025-11161

ALT-PU-2025-11213

ALT-PU-2025-11483

ALT-PU-2025-11954

AZL-66542

AZL-66545

BDU:2025-12470

CVE-2025-9165

ECHO-0122-30BA-E03C

MGASA-2025-0252

OESA-2025-2190

OESA-2025-2191

OESA-2025-2192

OPENSUSE-SU-2025:15486-1

OPENSUSE-SU-2025:15556-1

OPENSUSE-SU-2025:20049-1

SUSE-SU-2025:03345-1

SUSE-SU-2025:03346-1

SUSE-SU-2025:03348-1

SUSE-SU-2025:20971-1

SUSE-SU-2025:21009-1

SUSE-SU-2025:21032-1

SUSE-SU-2025:21037-1

SUSE-SU-2025_03345-1

SUSE-SU-2025_03346-1

SUSE-SU-2025_03348-1

USN-7783-1

Produtos afetados

Alt Linux

Astra Linux

Debian

Libtiff

Linuxmint

Red Os

Suse

Ubuntu

PT-2025-33864 · Libtiff+7 · Libtiff+7

CVE-2025-9165

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 86