CVE-2025-8851

CVSS v3.1

5.3

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions: LibTIFF versions prior to 4.5.1

Description: A stack-based buffer overflow issue exists in the tiffcrop component of LibTIFF, specifically within the readSeparateStripsetoBuffer function located in the tools/tiffcrop.c file. Local access is required for exploitation.

Recommendations: Apply the patch identified as 8a7a48d7a645992ca83062b3a1873c951661e2b3.

Exploit

Fix

Stack Overflow

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-121CWE-119

Related Identifiers

ALT-PU-2025-11161

ALT-PU-2025-11213

ALT-PU-2025-11483

AZL-66258

AZL-66282

BDU:2025-13922

CVE-2025-8851

ECHO-0263-9519-53E9

OESA-2025-2048

OESA-2025-2091

OESA-2025-2192

OPENSUSE-SU-2025:15556-1

OPENSUSE-SU-2025:15682-1

SUSE-SU-2025:3957-1

SUSE-SU-2025:3989-1

SUSE-SU-2025_3957-1

SUSE-SU-2025_3989-1

USN-7707-1

Affected Products

Alt Linux

Debian

Libtiff

Linuxmint

Red Os

Suse

Ubuntu

CVE-2025-8851

Weakness Enumeration

Related Identifiers

Affected Products

References · 48