Nixpkgs Security Tracker

Untriaged

Permalink CVE-2026-4775

7.8 HIGH

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 4 days, 16 hours ago

Libtiff: libtiff: arbitrary code execution or denial of service via signed integer overflow in tiff file processing

A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations, potentially causing a denial of service (application crash) or arbitrary code execution.

References

https://access.redhat.com/security/cve/CVE-2026-4775 x_refsource_REDHAT vdb-entry
RHBZ#2450768 issue-tracking x_refsource_REDHAT

Affected products

libtiff

mingw-libtiff

compat-libtiff3

Matching in nixpkgs

pkgs.libtiff

Library and utilities for working with the TIFF image file format

nixos-unstable 4.7.1
- nixpkgs-unstable 4.7.1
- nixos-unstable-small 4.7.1
nixos-25.11 4.7.1
- nixos-25.11-small 4.7.1
- nixpkgs-25.11-darwin 4.7.1

Package maintainers

@sikmir Nikolay Korotkiy <sikmir@disroot.org>
@willcohen Will Cohen
@nh2 Niklas Hambüchen <mail@nh2.me>
@l0b0 Victor Engmark <victor@engmark.name>
@imincik Ivan Mincik <ivan.mincik@gmail.com>
@nialov Nikolas Ovaskainen <nikolasovaskainen@gmail.com>
@autra Augustin Trancart <augustin.trancart@gmail.com>

Suggestion detail

References

Affected products

Matching in nixpkgs

pkgs.libtiff

Package maintainers