PT-2025-30955 · Libtiff+10

Arthurx · Published 2025-01-01 · Updated 2026-04-06 · CVE-2025-8176

CVSS v3.1: 7.8 High

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

LibTIFF versions up to 4.7.0

Description

A critical issue exists in LibTIFF, specifically within the get_histogram function located in the tools/tiffmedian.c file. This issue leads to a use-after-free condition, potentially allowing for local attacks. The exploit for this issue has been publicly disclosed.

Recommendations

Apply the patch identified as fe10872e53efba9cc36c66ac4ab3b41a839d5172 to resolve this issue.

Exploit · Fix · Buffer Overflow · Use After Free

Weakness Enumeration

Related Identifiers

ALSA-2025:19113
ALSA-2025:19906
ALSA-2025:20034
ALSA-2025:20956
ALT-PU-2025-10179
ALT-PU-2025-10183
ALT-PU-2025-11213
ALT-PU-2025-11954
AZL-65973
AZL-65981
BDU:2025-13919
CESA-2025_19906
CESA-2025_20034
CVE-2025-8176
ECHO-3FCB-A0E8-6A1C
INFSA-2025_19113
INFSA-2025_19906
INFSA-2025_20034
INFSA-2025_20956
MGASA-2025-0240
MGASA-2025-0252
OPENSUSE-SU-2025:15417-1
OPENSUSE-SU-2025:20049-1
RHSA-2025:19113
RHSA-2025:19906
RHSA-2025:20034
RHSA-2025:20956
RHSA-2025:21407
RHSA-2025:21507
RHSA-2025:21508
RHSA-2025_19113
RHSA-2025_19906
RHSA-2025_20034
RHSA-2025_20956
RHSA-2026:0001
RHSA-2026:0076
RHSA-2026:0077
RHSA-2026:0078
SUSE-SU-2025:02770-1
SUSE-SU-2025:02771-1
SUSE-SU-2025:02815-1
SUSE-SU-2025:20971-1
SUSE-SU-2025:21009-1
SUSE-SU-2025:21032-1
SUSE-SU-2025:21037-1
SUSE-SU-2025_02770-1
SUSE-SU-2025_02771-1
SUSE-SU-2025_02815-1
USN-7707-1

Affected Products

Alt Linux
Almalinux
Centos
Debian
Libtiff
Linuxmint
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu