Issued:: 2026-05-20
Updated:: 2026-05-20

RHSA-2026:19586 - Security Advisory

Overview
Updated Packages

Synopsis

Important: libtiff security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for libtiff is now available for Red Hat Enterprise Linux 10.0 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files.

Security Fix(es):

libtiff: libtiff: Arbitrary code execution or denial of service via signed integer overflow in TIFF file processing (CVE-2026-4775)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0 ppc64le
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0 aarch64
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 10.0 x86_64
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 10.0 ppc64le
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 10.0 s390x
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 10.0 aarch64
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0 aarch64
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.0 s390x
Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.0 ppc64le
Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.0 x86_64

Fixes

BZ - 2450768 - CVE-2026-4775 libtiff: libtiff: Arbitrary code execution or denial of service via signed integer overflow in TIFF file processing

CVEs

CVE-2026-4775

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0

SRPM
libtiff-4.6.0-6.el10_0.3.src.rpm	SHA-256: 9f5579e490de6a43ebc5c286dca3888b4c718abaa81cd0ea76263a65b752b76f
x86_64
libtiff-4.6.0-6.el10_0.3.x86_64.rpm	SHA-256: 216f32b853188185588af3891ec8b2bbf3e5996543353ca34a93fb37d08a029e
libtiff-debuginfo-4.6.0-6.el10_0.3.x86_64.rpm	SHA-256: cec9bc80f448e0609df5dee1eb56879edfdba71dc17768929b2a10ab20d98e6a
libtiff-debugsource-4.6.0-6.el10_0.3.x86_64.rpm	SHA-256: eb5b15eef27e128be273a47234455710465213382ad86e687fd5bbcdc42da43b
libtiff-devel-4.6.0-6.el10_0.3.x86_64.rpm	SHA-256: 67470e16b5d95782d58cd9e7973ebbe151f653314cc2c41c963916bb70702adb
libtiff-tools-debuginfo-4.6.0-6.el10_0.3.x86_64.rpm	SHA-256: 9d0ed9b0ee8b38730cfd22f1a3d7dc73b04ccc2f35fea01b259b71d21d502b57

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0

SRPM
libtiff-4.6.0-6.el10_0.3.src.rpm	SHA-256: 9f5579e490de6a43ebc5c286dca3888b4c718abaa81cd0ea76263a65b752b76f
s390x
libtiff-4.6.0-6.el10_0.3.s390x.rpm	SHA-256: 36db8f75cd6c423ba75eba551b74a9949b6d73a378bc2664b8d15683d5ae71fe
libtiff-debuginfo-4.6.0-6.el10_0.3.s390x.rpm	SHA-256: e4ca3e13725d47f4326d683992885b8020faa218995320a13a2254a992df4a4c
libtiff-debugsource-4.6.0-6.el10_0.3.s390x.rpm	SHA-256: 742d4ced1b76a13f55e1a3e3d8c200438d4b69846f22e996a587f9be0ba455ae
libtiff-devel-4.6.0-6.el10_0.3.s390x.rpm	SHA-256: 6ba628ca8435cedad9e1a07bbf4f8db3542f066c645f7d446bba836246103f04
libtiff-tools-debuginfo-4.6.0-6.el10_0.3.s390x.rpm	SHA-256: b1f36cd41ccbb7d560ad64381bd3471d3059bd0e8a0237996011bef31333b0a6

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0

SRPM
libtiff-4.6.0-6.el10_0.3.src.rpm	SHA-256: 9f5579e490de6a43ebc5c286dca3888b4c718abaa81cd0ea76263a65b752b76f
ppc64le
libtiff-4.6.0-6.el10_0.3.ppc64le.rpm	SHA-256: 7d06b329be31eaeb7f4c7a0547885bf397fda506572408dc37cd4af33b34cad2
libtiff-debuginfo-4.6.0-6.el10_0.3.ppc64le.rpm	SHA-256: 03ba4abfc3229e9bdc644986135167615e3de88656af8587f30a3993273b2de4
libtiff-debugsource-4.6.0-6.el10_0.3.ppc64le.rpm	SHA-256: 00654b2500a418690b8865f4657c9ecaa28e629a671d3ee13ce1ada45d5a6a2b
libtiff-devel-4.6.0-6.el10_0.3.ppc64le.rpm	SHA-256: aeb5f65ff882acfe3fa3058d1d3106019c1164bc3edea912fd3516a68975c9bb
libtiff-tools-debuginfo-4.6.0-6.el10_0.3.ppc64le.rpm	SHA-256: d8d332d502c279999e0ca1bd65b4141e8278eb37ff6e284dc48c8f88ed63ad8d

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0

SRPM
libtiff-4.6.0-6.el10_0.3.src.rpm	SHA-256: 9f5579e490de6a43ebc5c286dca3888b4c718abaa81cd0ea76263a65b752b76f
aarch64
libtiff-4.6.0-6.el10_0.3.aarch64.rpm	SHA-256: 59205c102f0b986807d62bf98e685d7d13b9e13abf6f27b39a07633c94d2311e
libtiff-debuginfo-4.6.0-6.el10_0.3.aarch64.rpm	SHA-256: 5f40729b9762ca3e33e2cbd9cdeda9937a6dc96dc8e99e19b6c301cd2ab9d23c
libtiff-debugsource-4.6.0-6.el10_0.3.aarch64.rpm	SHA-256: a8a7cc99bdf7ccc167c6b9bac2928c2ddcc278d650290e26c34d2589af1400c4
libtiff-devel-4.6.0-6.el10_0.3.aarch64.rpm	SHA-256: c04e6fee4bf7b0f9e323dbce70e09f8a047b3037cff5dbd2e186de832dc7f41c
libtiff-tools-debuginfo-4.6.0-6.el10_0.3.aarch64.rpm	SHA-256: 458f2a4e26309478e8f5245d38a53abc714aecbff53bc8beab02d6665dcade7e

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 10.0

SRPM
x86_64
libtiff-debuginfo-4.6.0-6.el10_0.3.x86_64.rpm	SHA-256: cec9bc80f448e0609df5dee1eb56879edfdba71dc17768929b2a10ab20d98e6a
libtiff-debugsource-4.6.0-6.el10_0.3.x86_64.rpm	SHA-256: eb5b15eef27e128be273a47234455710465213382ad86e687fd5bbcdc42da43b
libtiff-tools-4.6.0-6.el10_0.3.x86_64.rpm	SHA-256: 71dc744d757b713340fbf205079447393fb7705a1d6aad983fffb9fe631c4bd9
libtiff-tools-debuginfo-4.6.0-6.el10_0.3.x86_64.rpm	SHA-256: 9d0ed9b0ee8b38730cfd22f1a3d7dc73b04ccc2f35fea01b259b71d21d502b57

Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 10.0

SRPM
ppc64le
libtiff-debuginfo-4.6.0-6.el10_0.3.ppc64le.rpm	SHA-256: 03ba4abfc3229e9bdc644986135167615e3de88656af8587f30a3993273b2de4
libtiff-debugsource-4.6.0-6.el10_0.3.ppc64le.rpm	SHA-256: 00654b2500a418690b8865f4657c9ecaa28e629a671d3ee13ce1ada45d5a6a2b
libtiff-tools-4.6.0-6.el10_0.3.ppc64le.rpm	SHA-256: 2252d6b8b2f714876a935330fd1068a2990276ad43c6ea2150ed5d16441332b0
libtiff-tools-debuginfo-4.6.0-6.el10_0.3.ppc64le.rpm	SHA-256: d8d332d502c279999e0ca1bd65b4141e8278eb37ff6e284dc48c8f88ed63ad8d

Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 10.0

SRPM
s390x
libtiff-debuginfo-4.6.0-6.el10_0.3.s390x.rpm	SHA-256: e4ca3e13725d47f4326d683992885b8020faa218995320a13a2254a992df4a4c
libtiff-debugsource-4.6.0-6.el10_0.3.s390x.rpm	SHA-256: 742d4ced1b76a13f55e1a3e3d8c200438d4b69846f22e996a587f9be0ba455ae
libtiff-tools-4.6.0-6.el10_0.3.s390x.rpm	SHA-256: 0f1a8758594c38255449ea28732a103117ff78b78fe99671137bd38da2edc443
libtiff-tools-debuginfo-4.6.0-6.el10_0.3.s390x.rpm	SHA-256: b1f36cd41ccbb7d560ad64381bd3471d3059bd0e8a0237996011bef31333b0a6

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 10.0

SRPM
aarch64
libtiff-debuginfo-4.6.0-6.el10_0.3.aarch64.rpm	SHA-256: 5f40729b9762ca3e33e2cbd9cdeda9937a6dc96dc8e99e19b6c301cd2ab9d23c
libtiff-debugsource-4.6.0-6.el10_0.3.aarch64.rpm	SHA-256: a8a7cc99bdf7ccc167c6b9bac2928c2ddcc278d650290e26c34d2589af1400c4
libtiff-tools-4.6.0-6.el10_0.3.aarch64.rpm	SHA-256: 0b596f6697bb66626b1c81b06fd74c6bf2c9ead2c0f5f575f13760a9fbd7a309
libtiff-tools-debuginfo-4.6.0-6.el10_0.3.aarch64.rpm	SHA-256: 458f2a4e26309478e8f5245d38a53abc714aecbff53bc8beab02d6665dcade7e

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0

SRPM
libtiff-4.6.0-6.el10_0.3.src.rpm	SHA-256: 9f5579e490de6a43ebc5c286dca3888b4c718abaa81cd0ea76263a65b752b76f
aarch64
libtiff-4.6.0-6.el10_0.3.aarch64.rpm	SHA-256: 59205c102f0b986807d62bf98e685d7d13b9e13abf6f27b39a07633c94d2311e
libtiff-debuginfo-4.6.0-6.el10_0.3.aarch64.rpm	SHA-256: 5f40729b9762ca3e33e2cbd9cdeda9937a6dc96dc8e99e19b6c301cd2ab9d23c
libtiff-debugsource-4.6.0-6.el10_0.3.aarch64.rpm	SHA-256: a8a7cc99bdf7ccc167c6b9bac2928c2ddcc278d650290e26c34d2589af1400c4
libtiff-devel-4.6.0-6.el10_0.3.aarch64.rpm	SHA-256: c04e6fee4bf7b0f9e323dbce70e09f8a047b3037cff5dbd2e186de832dc7f41c
libtiff-tools-debuginfo-4.6.0-6.el10_0.3.aarch64.rpm	SHA-256: 458f2a4e26309478e8f5245d38a53abc714aecbff53bc8beab02d6665dcade7e

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.0

SRPM
libtiff-4.6.0-6.el10_0.3.src.rpm	SHA-256: 9f5579e490de6a43ebc5c286dca3888b4c718abaa81cd0ea76263a65b752b76f
s390x
libtiff-4.6.0-6.el10_0.3.s390x.rpm	SHA-256: 36db8f75cd6c423ba75eba551b74a9949b6d73a378bc2664b8d15683d5ae71fe
libtiff-debuginfo-4.6.0-6.el10_0.3.s390x.rpm	SHA-256: e4ca3e13725d47f4326d683992885b8020faa218995320a13a2254a992df4a4c
libtiff-debugsource-4.6.0-6.el10_0.3.s390x.rpm	SHA-256: 742d4ced1b76a13f55e1a3e3d8c200438d4b69846f22e996a587f9be0ba455ae
libtiff-devel-4.6.0-6.el10_0.3.s390x.rpm	SHA-256: 6ba628ca8435cedad9e1a07bbf4f8db3542f066c645f7d446bba836246103f04
libtiff-tools-debuginfo-4.6.0-6.el10_0.3.s390x.rpm	SHA-256: b1f36cd41ccbb7d560ad64381bd3471d3059bd0e8a0237996011bef31333b0a6

Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.0

SRPM
libtiff-4.6.0-6.el10_0.3.src.rpm	SHA-256: 9f5579e490de6a43ebc5c286dca3888b4c718abaa81cd0ea76263a65b752b76f
ppc64le
libtiff-4.6.0-6.el10_0.3.ppc64le.rpm	SHA-256: 7d06b329be31eaeb7f4c7a0547885bf397fda506572408dc37cd4af33b34cad2
libtiff-debuginfo-4.6.0-6.el10_0.3.ppc64le.rpm	SHA-256: 03ba4abfc3229e9bdc644986135167615e3de88656af8587f30a3993273b2de4
libtiff-debugsource-4.6.0-6.el10_0.3.ppc64le.rpm	SHA-256: 00654b2500a418690b8865f4657c9ecaa28e629a671d3ee13ce1ada45d5a6a2b
libtiff-devel-4.6.0-6.el10_0.3.ppc64le.rpm	SHA-256: aeb5f65ff882acfe3fa3058d1d3106019c1164bc3edea912fd3516a68975c9bb
libtiff-tools-debuginfo-4.6.0-6.el10_0.3.ppc64le.rpm	SHA-256: d8d332d502c279999e0ca1bd65b4141e8278eb37ff6e284dc48c8f88ed63ad8d

Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.0

SRPM
libtiff-4.6.0-6.el10_0.3.src.rpm	SHA-256: 9f5579e490de6a43ebc5c286dca3888b4c718abaa81cd0ea76263a65b752b76f
x86_64
libtiff-4.6.0-6.el10_0.3.x86_64.rpm	SHA-256: 216f32b853188185588af3891ec8b2bbf3e5996543353ca34a93fb37d08a029e
libtiff-debuginfo-4.6.0-6.el10_0.3.x86_64.rpm	SHA-256: cec9bc80f448e0609df5dee1eb56879edfdba71dc17768929b2a10ab20d98e6a
libtiff-debugsource-4.6.0-6.el10_0.3.x86_64.rpm	SHA-256: eb5b15eef27e128be273a47234455710465213382ad86e687fd5bbcdc42da43b
libtiff-devel-4.6.0-6.el10_0.3.x86_64.rpm	SHA-256: 67470e16b5d95782d58cd9e7973ebbe151f653314cc2c41c963916bb70702adb
libtiff-tools-debuginfo-4.6.0-6.el10_0.3.x86_64.rpm	SHA-256: 9d0ed9b0ee8b38730cfd22f1a3d7dc73b04ccc2f35fea01b259b71d21d502b57

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation