git.ipfire.org Git - thirdparty/openembedded/openembedded-core.git/commit
tiff: fix CVE-2025-9900
author Yogita Urade <yogita.urade@windriver.com>
Tue, 30 Sep 2025 08:17:48 +0000 (13:47 +0530)
committer Steve Sakoman <steve@sakoman.com>
Wed, 1 Oct 2025 16:11:35 +0000 (09:11 -0700)
commit c1303b8eb4e85a031a175867361876a256bfb763
tree 9fd9bebdf3a6c78e6452c569ec9679a1d68c45e7
parent 55e0c38dc28b73fa689446e2d5e564d235a24084
tiff: fix CVE-2025-9900

A flaw was found in Libtiff. This vulnerability is a "write-what-where"
condition, triggered when the library processes a specially crafted TIFF
image file.

By providing an abnormally large image height value
in the file's metadata, an attacker can trick the library into writing
attacker-controlled color data to an arbitrary memory location. This
memory corruption can be exploited to cause a denial of service (application
crash) or to achieve arbitrary code execution with the permissions of the user.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-9900

Upstream patch:
https://gitlab.com/libtiff/libtiff/-/commit/3e0dcf0ec651638b2bd849b2e6f3124b36890d99

Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-multimedia/libtiff/tiff/CVE-2025-9900.patch [new file with mode: 0644]
meta/recipes-multimedia/libtiff/tiff_4.6.0.bb
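
The commit message attributes the flaw to an abnormally large image height in the file's metadata. The following is an added example, not part of this commit or of the upstream libtiff patch: a pre-screen that reads the declared ImageWidth and ImageLength from the first IFD of a classic TIFF and rejects files outside a local policy limit, as defence in depth alongside the patched library. The function names and the `MAX_DIM` limit are assumptions; the sample files are constructed header-only inputs.

```python
import struct

# Baseline TIFF tag numbers (TIFF 6.0): 256 = ImageWidth, 257 = ImageLength (height).
TAG_WIDTH, TAG_HEIGHT = 256, 257
MAX_DIM = 65_535  # assumed site policy limit, not a libtiff constant

def read_dimensions(data: bytes):
    """Return (width, height) declared in the first IFD of a classic TIFF."""
    if len(data) < 8:
        raise ValueError("truncated header")
    order = {b"II": "<", b"MM": ">"}.get(data[:2])
    if order is None:
        raise ValueError("not a TIFF")
    magic, ifd_off = struct.unpack(order + "HI", data[2:8])
    if magic != 42:
        raise ValueError("not a classic TIFF")  # BigTIFF (43) is not handled here
    if ifd_off + 2 > len(data):
        raise ValueError("IFD offset outside file")
    (count,) = struct.unpack_from(order + "H", data, ifd_off)
    dims = {}
    for i in range(count):
        pos = ifd_off + 2 + 12 * i
        if pos + 12 > len(data):
            raise ValueError("IFD entry outside file")
        tag, typ, n = struct.unpack_from(order + "HHI", data, pos)
        if tag in (TAG_WIDTH, TAG_HEIGHT) and n == 1 and typ in (3, 4):
            # SHORT (3) and LONG (4) values sit inline, left-justified in the value field.
            fmt = "H" if typ == 3 else "I"
            (dims[tag],) = struct.unpack_from(order + fmt, data, pos + 8)
    if TAG_WIDTH not in dims or TAG_HEIGHT not in dims:
        raise ValueError("missing dimension tags")
    return dims[TAG_WIDTH], dims[TAG_HEIGHT]

def screen(data: bytes, max_dim: int = MAX_DIM) -> bool:
    """True if the file parses and its declared dimensions are within policy."""
    try:
        w, h = read_dimensions(data)
    except ValueError:
        return False
    return 0 < w <= max_dim and 0 < h <= max_dim

def make_sample(width: int, height: int) -> bytes:
    """Constructed header-only TIFF (little-endian, two LONG tags) for the demo."""
    entries = struct.pack("<HHII", TAG_WIDTH, 4, 1, width) + struct.pack("<HHII", TAG_HEIGHT, 4, 1, height)
    return b"II" + struct.pack("<HI", 42, 8) + struct.pack("<H", 2) + entries + struct.pack("<I", 0)
```

The check covers only the first IFD of classic TIFF; multi-page files and BigTIFF need the same test applied per directory.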