Unrated severityNVD Advisory· Published Aug 11, 2025· Updated Aug 12, 2025
LibTIFF tiffcrop tiffcrop.c readSeparateStripsetoBuffer stack-based overflow
CVE-2025-8851
Description
A vulnerability was determined in LibTIFF up to 4.5.1. Affected by this issue is the function readSeparateStripsetoBuffer of the file tools/tiffcrop.c of the component tiffcrop. The manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The patch is identified as 8a7a48d7a645992ca83062b3a1873c951661e2b3. It is recommended to apply a patch to fix this issue.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
17- osv-coords15 versionspkg:apk/chainguard/tiffpkg:apk/chainguard/tiff-devpkg:apk/chainguard/tiff-docpkg:apk/wolfi/tiffpkg:apk/wolfi/tiff-devpkg:apk/wolfi/tiff-docpkg:rpm/opensuse/tiff&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/tiff&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/tkimg&distro=openSUSE%20Tumbleweedpkg:rpm/suse/tiff&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/tiff&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/tiff&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP6pkg:rpm/suse/tiff&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP7pkg:rpm/suse/tiff&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/tiff&distro=SUSE%20Linux%20Micro%206.2
< 4.7.0-r6+ 14 more
- (no CPE)range: < 4.7.0-r6
- (no CPE)range: < 4.7.0-r6
- (no CPE)range: < 4.7.0-r6
- (no CPE)range: < 4.7.0-r6
- (no CPE)range: < 4.7.0-r6
- (no CPE)range: < 4.7.0-r6
- (no CPE)range: < 4.7.1-150600.3.23.1
- (no CPE)range: < 4.7.1-3.1
- (no CPE)range: < 2.1.0-1.1
- (no CPE)range: < 4.7.1-150600.3.23.1
- (no CPE)range: < 4.7.1-150600.3.23.1
- (no CPE)range: < 4.7.1-150600.3.23.1
- (no CPE)range: < 4.7.1-150600.3.23.1
- (no CPE)range: < 4.0.9-44.106.1
- (no CPE)range: < 4.7.1-160000.2.1
Patches
Vulnerability mechanics
References
5- gitlab.com/libtiff/libtiff/-/commit/8a7a48d7a645992ca83062b3a1873c951661e2b3mitrepatch
- vuldb.commitrethird-party-advisory
- www.libtiff.orgmitreproduct
- vuldb.commitresignaturepermissions-required
- vuldb.commitrevdb-entrytechnical-description
News mentions
0No linked articles in our index yet.