Description

A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file. By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing attacker-controlled color data to an arbitrary memory location. This memory corruption can be exploited to cause a denial of service (application crash) or to achieve arbitrary code execution with the permissions of the user running the affected application.

INFO

Published Date: 2025-09-23T16:26:22.846Z

Last Modified: 2026-04-29T03:55:29.461Z

Source: redhat

AFFECTED PRODUCTS

The following products are affected by the CVE-2025-9900 vulnerability.

Vendor: Redhat

Products:
  • Ai Inference Server
  • Discovery
  • Enterprise Linux
  • Hummingbird
  • Rhel Aus
  • Rhel E4s
  • Rhel Els
  • Rhel Eus
  • Rhel Eus Long Life
  • Rhel Tus
REFERENCES

Here, you will find a curated list of external links that provide in-depth information on CVE-2025-9900.

URL Resource
http://www.openwall.com/lists/oss-security/2025/09/26/3
https://access.redhat.com/errata/RHSA-2025:17651
https://access.redhat.com/errata/RHSA-2025:17675
https://access.redhat.com/errata/RHSA-2025:17710
https://access.redhat.com/errata/RHSA-2025:17738
https://access.redhat.com/errata/RHSA-2025:17739
https://access.redhat.com/errata/RHSA-2025:17740
https://access.redhat.com/errata/RHSA-2025:19113
https://access.redhat.com/errata/RHSA-2025:19156
https://access.redhat.com/errata/RHSA-2025:19276
https://access.redhat.com/errata/RHSA-2025:19906
https://access.redhat.com/errata/RHSA-2025:19947
https://access.redhat.com/errata/RHSA-2025:20956
https://access.redhat.com/errata/RHSA-2025:20998
https://access.redhat.com/errata/RHSA-2025:21060
https://access.redhat.com/errata/RHSA-2025:21061
https://access.redhat.com/errata/RHSA-2025:21062
https://access.redhat.com/errata/RHSA-2025:21407
https://access.redhat.com/errata/RHSA-2025:21506
https://access.redhat.com/errata/RHSA-2025:21507
https://access.redhat.com/errata/RHSA-2025:21508
https://access.redhat.com/errata/RHSA-2025:21994
https://access.redhat.com/errata/RHSA-2025:23078
https://access.redhat.com/errata/RHSA-2025:23079
https://access.redhat.com/errata/RHSA-2025:23080
https://access.redhat.com/errata/RHSA-2026:0001
https://access.redhat.com/errata/RHSA-2026:0076
https://access.redhat.com/errata/RHSA-2026:0077
https://access.redhat.com/errata/RHSA-2026:0078
https://access.redhat.com/errata/RHSA-2026:3461
https://access.redhat.com/errata/RHSA-2026:3462
https://access.redhat.com/errata/RHSA-2026:7504
https://access.redhat.com/security/cve/CVE-2025-9900
https://bugzilla.redhat.com/show_bug.cgi?id=2392784
https://github.com/SexyShoelessGodofWar/LibTiff-4.7.0-Write-What-Where?tab=readme-ov-file
https://gitlab.com/libtiff/libtiff/-/issues/704
https://gitlab.com/libtiff/libtiff/-/merge_requests/732
https://libtiff.gitlab.io/libtiff/releases/v4.7.1.html
https://lists.debian.org/debian-lts-announce/2025/09/msg00031.html
https://nvd.nist.gov/vuln/detail/CVE-2025-9900
https://www.cve.org/CVERecord?id=CVE-2025-9900

CVSS Vulnerability Scoring System

[CVSS vector chart: the page lists the vector components Attack Vector, Attack Complexity, Privileges Required, User Interaction, Scope, Confidentiality Impact, Integrity Impact and Availability Impact, but no values are present in this copy.]