Issued:: 2025-11-10
Updated:: 2025-11-10

RHSA-2025:20034 - Security Advisory

Overview
Updated Packages

Synopsis

Important: libtiff security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for libtiff is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files.

Security Fix(es):

libtiff: LibTIFF Use-After-Free Vulnerability (CVE-2025-8176)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for ARM 64 8 aarch64
Red Hat CodeReady Linux Builder for x86_64 8 x86_64
Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x

Fixes

BZ - 2383598 - CVE-2025-8176 libtiff: LibTIFF Use-After-Free Vulnerability

CVEs

CVE-2025-8176

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 8

SRPM
libtiff-4.0.9-36.el8_10.src.rpm	SHA-256: e853583ea70f6d4e8daca855e4fb3a71a7db395187babc8d04c281f2ec9cf5d7
x86_64
libtiff-4.0.9-36.el8_10.i686.rpm	SHA-256: 24acbe1204ef44359c96a12715dce9502beeeced74b9a6b5c1e41d41e2111dcb
libtiff-4.0.9-36.el8_10.x86_64.rpm	SHA-256: 027a297a19fa2be4d987fe93b397debd215995f2aefe5b880df6a4d08426facc
libtiff-debuginfo-4.0.9-36.el8_10.i686.rpm	SHA-256: 75e7ff579342558fdccb46626f56adf2f6d07aa4f528f89c2c3425c18592ac29
libtiff-debuginfo-4.0.9-36.el8_10.x86_64.rpm	SHA-256: e436e3977a07472f3edafc1b03192e5ac6d41917c3443c855362858d38b82c6b
libtiff-debugsource-4.0.9-36.el8_10.i686.rpm	SHA-256: 8ee3df65db04800c0cfcbb2e12dc3cbe596d12fd6535308e6308fb3004d642d7
libtiff-debugsource-4.0.9-36.el8_10.x86_64.rpm	SHA-256: 56714d38951235fd37ffafffb8ab11742b83ec6f05374d3c3e638a4a777db065
libtiff-devel-4.0.9-36.el8_10.i686.rpm	SHA-256: e6faf734d70dad46807c81ca0879ae0d8d30c7ae4168672275430ff8b344b6a7
libtiff-devel-4.0.9-36.el8_10.x86_64.rpm	SHA-256: 7eb41a143e77f939c68cad16c9b6ced29b390564dee93f7bab6da36663c2c80d
libtiff-tools-debuginfo-4.0.9-36.el8_10.i686.rpm	SHA-256: df3b07b5fbaefb75b7c2310b9c9581f5addccf124815a78b7da5b8b7f38627c2
libtiff-tools-debuginfo-4.0.9-36.el8_10.x86_64.rpm	SHA-256: 4873d63a07bf27aa89ba1afaa137032dce9406ae0b022bafbf3d17f13f4dfb5a

Red Hat Enterprise Linux for IBM z Systems 8

SRPM
libtiff-4.0.9-36.el8_10.src.rpm	SHA-256: e853583ea70f6d4e8daca855e4fb3a71a7db395187babc8d04c281f2ec9cf5d7
s390x
libtiff-4.0.9-36.el8_10.s390x.rpm	SHA-256: eac5bb0d8bb92762bd79870a2b8c76a1c6f75c31bdb87696975a7ed94ea2474c
libtiff-debuginfo-4.0.9-36.el8_10.s390x.rpm	SHA-256: cf7659b0d5fd0e0be94cb81e970b37c6ad120cdd5a88464d079f2302f0702cac
libtiff-debugsource-4.0.9-36.el8_10.s390x.rpm	SHA-256: 87116bc3a413dd1371810dfcfb5ebb96099a5812a89dbdae6ba2ac7f13f20696
libtiff-devel-4.0.9-36.el8_10.s390x.rpm	SHA-256: 62abf528d01b85bcbdb2142d520b9f5c00453bd5630a95cc32912b8a2e2b9e87
libtiff-tools-debuginfo-4.0.9-36.el8_10.s390x.rpm	SHA-256: c448b3f923eeeed0d99319de96f9f1cddb819a980bb9a66b78c359c8b0cd8bda

Red Hat Enterprise Linux for Power, little endian 8

SRPM
libtiff-4.0.9-36.el8_10.src.rpm	SHA-256: e853583ea70f6d4e8daca855e4fb3a71a7db395187babc8d04c281f2ec9cf5d7
ppc64le
libtiff-4.0.9-36.el8_10.ppc64le.rpm	SHA-256: 2bbec4b30669f725835a5938fa1b70575c07498688846b893a7645d43a8f9d2b
libtiff-debuginfo-4.0.9-36.el8_10.ppc64le.rpm	SHA-256: 76c7b486c57799be458294e917b14efc79ae32f3ec891a7af0cc35e92bcc186a
libtiff-debugsource-4.0.9-36.el8_10.ppc64le.rpm	SHA-256: ee2b6002c3806de9222a975d5c7763a2f47037a2f9df7350252a9be8c267d6dd
libtiff-devel-4.0.9-36.el8_10.ppc64le.rpm	SHA-256: 5589ae0a6d8e2bbcfb0b8118df56916852ed6163f026a087e836071862bfafe6
libtiff-tools-debuginfo-4.0.9-36.el8_10.ppc64le.rpm	SHA-256: 167bd593df0bd2e1d459464edef4a783ac286900e975e89bca581075a88c7055

Red Hat Enterprise Linux for ARM 64 8

SRPM
libtiff-4.0.9-36.el8_10.src.rpm	SHA-256: e853583ea70f6d4e8daca855e4fb3a71a7db395187babc8d04c281f2ec9cf5d7
aarch64
libtiff-4.0.9-36.el8_10.aarch64.rpm	SHA-256: ca206d1a66e057595fba72afb1682b840fa2f01dd77c8318a1c1ce7439366c54
libtiff-debuginfo-4.0.9-36.el8_10.aarch64.rpm	SHA-256: 97a4d759c69017a10567de25a9106522fe376bccfb491ea0b55efb5123027499
libtiff-debugsource-4.0.9-36.el8_10.aarch64.rpm	SHA-256: 33e2e4ff62184d1e239f2412845cb4199bae92284c90035ac81d4e7bc942c10d
libtiff-devel-4.0.9-36.el8_10.aarch64.rpm	SHA-256: ebac3ee270492cf8c3ec6a541ac31f9d3010cd4c26850333585c737533a0caee
libtiff-tools-debuginfo-4.0.9-36.el8_10.aarch64.rpm	SHA-256: 7060b8560b5ef8980b09faa6996956906a5210a623976e3824d8b6bbe4d30f9d

Red Hat CodeReady Linux Builder for x86_64 8

SRPM
x86_64
libtiff-debuginfo-4.0.9-36.el8_10.x86_64.rpm	SHA-256: e436e3977a07472f3edafc1b03192e5ac6d41917c3443c855362858d38b82c6b
libtiff-debugsource-4.0.9-36.el8_10.x86_64.rpm	SHA-256: 56714d38951235fd37ffafffb8ab11742b83ec6f05374d3c3e638a4a777db065
libtiff-tools-4.0.9-36.el8_10.x86_64.rpm	SHA-256: 83c4fc789b18bc3f38451e383f80a016f9745446a20f44366ecc5408360c077e
libtiff-tools-debuginfo-4.0.9-36.el8_10.x86_64.rpm	SHA-256: 4873d63a07bf27aa89ba1afaa137032dce9406ae0b022bafbf3d17f13f4dfb5a

Red Hat CodeReady Linux Builder for Power, little endian 8

SRPM
ppc64le
libtiff-debuginfo-4.0.9-36.el8_10.ppc64le.rpm	SHA-256: 76c7b486c57799be458294e917b14efc79ae32f3ec891a7af0cc35e92bcc186a
libtiff-debugsource-4.0.9-36.el8_10.ppc64le.rpm	SHA-256: ee2b6002c3806de9222a975d5c7763a2f47037a2f9df7350252a9be8c267d6dd
libtiff-tools-4.0.9-36.el8_10.ppc64le.rpm	SHA-256: 66abc0714b3f621ddf21588d36c57beed4988580326abc6ddea4d52bacefc0dd
libtiff-tools-debuginfo-4.0.9-36.el8_10.ppc64le.rpm	SHA-256: 167bd593df0bd2e1d459464edef4a783ac286900e975e89bca581075a88c7055

Red Hat CodeReady Linux Builder for ARM 64 8

SRPM
aarch64
libtiff-debuginfo-4.0.9-36.el8_10.aarch64.rpm	SHA-256: 97a4d759c69017a10567de25a9106522fe376bccfb491ea0b55efb5123027499
libtiff-debugsource-4.0.9-36.el8_10.aarch64.rpm	SHA-256: 33e2e4ff62184d1e239f2412845cb4199bae92284c90035ac81d4e7bc942c10d
libtiff-tools-4.0.9-36.el8_10.aarch64.rpm	SHA-256: 2e1caf36adcc4b7bf9db6e26e890ee2075371201f68167c731487079ebc683b8
libtiff-tools-debuginfo-4.0.9-36.el8_10.aarch64.rpm	SHA-256: 7060b8560b5ef8980b09faa6996956906a5210a623976e3824d8b6bbe4d30f9d

Red Hat CodeReady Linux Builder for IBM z Systems 8

SRPM
s390x
libtiff-debuginfo-4.0.9-36.el8_10.s390x.rpm	SHA-256: cf7659b0d5fd0e0be94cb81e970b37c6ad120cdd5a88464d079f2302f0702cac
libtiff-debugsource-4.0.9-36.el8_10.s390x.rpm	SHA-256: 87116bc3a413dd1371810dfcfb5ebb96099a5812a89dbdae6ba2ac7f13f20696
libtiff-tools-4.0.9-36.el8_10.s390x.rpm	SHA-256: 79d2aa3751c07446e960b76a041bb1f1b168c90fb52bb71c6b59b663eb503553
libtiff-tools-debuginfo-4.0.9-36.el8_10.s390x.rpm	SHA-256: c448b3f923eeeed0d99319de96f9f1cddb819a980bb9a66b78c359c8b0cd8bda

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation