PT-2025-33864 · Libtiff+7 · Libtiff+7

Heureuxbuilding

Published

2025-08-04

Updated

2025-11-19

CVE-2025-9165

CVSS v3.1

2.5

Low

Vector

AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions: LibTIFF version 4.7.0

Description: A memory leak issue exists in LibTIFF due to the functions TIFFmallocExt, TIFFCheckRealloc, TIFFHashSetNew, and InitCCITTFax3 within the tools/tiffcmp.c file of the tiffcmp component. The issue is restricted to local execution.

Recommendations: Apply the patch ed141286a37f6e5ddafb5069347ff5d587e7a4e0 to resolve this issue.

Exploit

Fix

Improper Resource Release

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-404CWE-401

Related Identifiers

ALT-PU-2025-11161

ALT-PU-2025-11213

ALT-PU-2025-11483

ALT-PU-2025-11954

AZL-66542

AZL-66545

BDU:2025-12470

CVE-2025-9165

ECHO-0122-30BA-E03C

MGASA-2025-0252

OESA-2025-2190

OESA-2025-2191

OESA-2025-2192

OPENSUSE-SU-2025:15486-1

OPENSUSE-SU-2025:15556-1

OPENSUSE-SU-2025:20049-1

SUSE-SU-2025:03345-1

SUSE-SU-2025:03346-1

SUSE-SU-2025:03348-1

SUSE-SU-2025:20971-1

SUSE-SU-2025:21009-1

SUSE-SU-2025:21032-1

SUSE-SU-2025:21037-1

SUSE-SU-2025_03345-1

SUSE-SU-2025_03346-1

SUSE-SU-2025_03348-1

USN-7783-1

Affected Products

Alt Linux

Astra Linux

Debian

Libtiff

Linuxmint

Red Os

Suse

Ubuntu

PT-2025-33864 · Libtiff+7 · Libtiff+7

CVE-2025-9165

Weakness Enumeration

Related Identifiers

Affected Products

References · 86