git.ipfire.org Git - thirdparty/openembedded/openembedded-core-contrib.git/commit
tiff: fix CVE-2025-9900
author Yogita Urade <yogita.urade@windriver.com>
Tue, 30 Sep 2025 08:19:25 +0000 (13:49 +0530)
committer Steve Sakoman <steve@sakoman.com>
Tue, 30 Sep 2025 13:42:16 +0000 (06:42 -0700)
commit f4e5cdeccee02d3ea78db91d5dfdcfd017c40ee0
tree 23947ac09a3b3edc308097770fa1ebe177b092b1
parent dc842a631b178acd9c4f00c4a3b87831baf08ebb
tiff: fix CVE-2025-9900

A flaw was found in Libtiff. This vulnerability is a "write-what-where"
condition, triggered when the library processes a specially crafted TIFF
image file. By providing an abnormally large image height value
in the file's metadata, an attacker can trick the library into writing
attacker-controlled color data to an arbitrary memory location. This
memory corruption can be exploited to cause a denial of service (application
crash) or to achieve arbitrary code execution with the permissions of the user.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-9900

Upstream patch:
https://gitlab.com/libtiff/libtiff/-/commit/3e0dcf0ec651638b2bd849b2e6f3124b36890d99

Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-multimedia/libtiff/tiff/CVE-2025-9900.patch [new file with mode: 0644]
meta/recipes-multimedia/libtiff/tiff_4.3.0.bb