libtiff-4.0.9-37.el8_10

エラータID: AXSA:2026-631:04

Release date: 
Monday, May 18, 2026 - 19:25
Subject: 
libtiff-4.0.9-37.el8_10
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
High
Description: 

The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files.

Security Fix(es):

* libtiff: libtiff: Arbitrary code execution or denial of service via signed integer overflow in TIFF file processing (CVE-2026-4775)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2026-4775
A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations, potentially causing a denial of service (application crash) or arbitrary code execution.

Solution: 

Update packages.

CVEs: 
CVE-2026-4775
A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations, potentially causing a denial of service (application crash) or arbitrary code execution.
Additional Info: 

N/A

Download: 

SRPMS
  1. libtiff-4.0.9-37.el8_10.src.rpm
    MD5: 36b6eb6b327ee750a63a9869ac9ba01f
    SHA-256: 5cfd9f332b4f10e67d89b873e515d576193e3bcd897c8ebda4e0017fafe035e6
    Size: 2.28 MB

Asianux Server 8 for x86_64
  1. libtiff-4.0.9-37.el8_10.i686.rpm
    MD5: 7f3627d3d718798d0045313a8a1afe9c
    SHA-256: 51f791f2f8af5df881ec83c4fee9278ad744635ccbb000754d328f160f4640cd
    Size: 204.54 kB
  2. libtiff-4.0.9-37.el8_10.x86_64.rpm
    MD5: 465dc4f1596a86a0386db40daa53c902
    SHA-256: adc9b69a94b3a069a5faf2d15db312fd1d8e331bfdfa7270aafcccd6d1da5d24
    Size: 189.91 kB
  3. libtiff-devel-4.0.9-37.el8_10.i686.rpm
    MD5: 1c91710e52c77d05315f896cf51ea007
    SHA-256: 468209587c8df05b23128ed393abc7cbad535b00a9189226288c9a512bc14e7e
    Size: 512.42 kB
  4. libtiff-devel-4.0.9-37.el8_10.x86_64.rpm
    MD5: 2492fee87d43daae207e9f1dd28d281e
    SHA-256: 28b8a854e0bea9072c01c071988d8629dca47d1b0a347cda43ecda3dc7a437aa
    Size: 512.41 kB
  5. libtiff-tools-4.0.9-37.el8_10.x86_64.rpm
    MD5: f55111fd3a4e306b79e71a21af0efa6c
    SHA-256: 10db4fa0b5d0379f1566f9f2d940fbc208181ed68fc06abd46c4b7e039fab8e6
    Size: 256.03 kB