{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-9165", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2025-08-19T13:24:01.463Z", "datePublished": "2025-08-19T20:02:13.694Z", "dateUpdated": "2025-08-26T15:29:01.729Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2025-08-19T20:02:13.694Z"}, "title": "LibTIFF tiffcmp tiffcmp.c InitCCITTFax3 memory leak", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-401", "lang": "en", "description": "Memory Leak"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-404", "lang": "en", "description": "Denial of Service"}]}], "affected": [{"vendor": "n/a", "product": "LibTIFF", "versions": [{"version": "4.7.0", "status": "affected"}], "modules": ["tiffcmp"]}], "descriptions": [{"lang": "en", "value": "A flaw has been found in LibTIFF 4.7.0. This affects the function _TIFFmallocExt/_TIFFCheckRealloc/TIFFHashSetNew/InitCCITTFax3 of the file tools/tiffcmp.c of the component tiffcmp. Executing manipulation can lead to memory leak. The attack is restricted to local execution. The exploit has been published and may be used. This patch is called ed141286a37f6e5ddafb5069347ff5d587e7a4e0. It is best practice to apply a patch to resolve this issue."}, {"lang": "de", "value": "In LibTIFF 4.7.0 ist eine Schwachstelle entdeckt worden. Betroffen davon ist die Funktion _TIFFmallocExt/_TIFFCheckRealloc/TIFFHashSetNew/InitCCITTFax3 der Datei tools/tiffcmp.c der Komponente tiffcmp. Die Bearbeitung verursacht memory leak. Der Angriff muss auf lokaler Ebene erfolgen. Der Exploit ist \u00f6ffentlich verf\u00fcgbar und k\u00f6nnte genutzt werden. Der Patch wird als ed141286a37f6e5ddafb5069347ff5d587e7a4e0 bezeichnet. Es empfiehlt sich, einen Patch einzuspielen, um dieses Problem zu beheben."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 4.8, "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 3.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", "baseSeverity": "LOW"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 3.3, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", "baseSeverity": "LOW"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:OF/RC:C"}}], "timeline": [{"time": "2025-08-19T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2025-08-19T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2025-08-19T15:29:48.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "HeureuxBuilding (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/?id.320543", "name": "VDB-320543 | LibTIFF tiffcmp tiffcmp.c InitCCITTFax3 memory leak", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.320543", "name": "VDB-320543 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.630506", "name": "Submit #630506 | libtiff tiffcmp 4.7.0+ (latest master branch) Memory Leak", "tags": ["third-party-advisory"]}, {"url": "https://vuldb.com/?submit.630507", "name": "Submit #630507 | libtiff tiffcmp 4.7.0+ (latest master branch) Memory Leak (Duplicate)", "tags": ["third-party-advisory"]}, {"url": "https://gitlab.com/libtiff/libtiff/-/issues/728", "tags": ["issue-tracking"]}, {"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/747", "tags": ["patch"]}, {"url": "https://drive.google.com/file/d/1FWhmkzksH8-qU0ZM6seBzGNB3aPnX3G8/view?usp=sharing", "tags": ["exploit"]}, {"url": "https://gitlab.com/libtiff/libtiff/-/commit/ed141286a37f6e5ddafb5069347ff5d587e7a4e0", "tags": ["patch"]}, {"url": "http://www.libtiff.org/", "tags": ["product"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-08-19T20:31:35.513657Z", "id": "CVE-2025-9165", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-19T20:31:44.305Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-08-26T15:29:01.729Z"}, "references": [{"url": "https://gitlab.com/libtiff/libtiff/-/issues/728#note_2709263214"}], "title": "CVE Program Container", "x_generator": {"engine": "ADPogram 0.0.1"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://gitlab.com/libtiff/libtiff/-/issues/728#note_2709263214"}], "x_generator": {"engine": "ADPogram 0.0.1"}, "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-08-26T15:29:01.729Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-9165", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-08-19T20:31:35.513657Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-19T20:31:40.032Z"}}], "cna": {"title": "LibTIFF tiffcmp tiffcmp.c InitCCITTFax3 memory leak", "credits": [{"lang": "en", "type": "reporter", "value": "HeureuxBuilding (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 4.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 3.3, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 3.3, "baseSeverity": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:OF/RC:C"}}], "affected": [{"vendor": "n/a", "modules": ["tiffcmp"], "product": "LibTIFF", "versions": [{"status": "affected", "version": "4.7.0"}]}], "timeline": [{"lang": "en", "time": "2025-08-19T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2025-08-19T02:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2025-08-19T15:29:48.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.320543", "name": "VDB-320543 | LibTIFF tiffcmp tiffcmp.c InitCCITTFax3 memory leak", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.320543", "name": "VDB-320543 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.630506", "name": "Submit #630506 | libtiff tiffcmp 4.7.0+ (latest master branch) Memory Leak", "tags": ["third-party-advisory"]}, {"url": "https://vuldb.com/?submit.630507", "name": "Submit #630507 | libtiff tiffcmp 4.7.0+ (latest master branch) Memory Leak (Duplicate)", "tags": ["third-party-advisory"]}, {"url": "https://gitlab.com/libtiff/libtiff/-/issues/728", "tags": ["issue-tracking"]}, {"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/747", "tags": ["patch"]}, {"url": "https://drive.google.com/file/d/1FWhmkzksH8-qU0ZM6seBzGNB3aPnX3G8/view?usp=sharing", "tags": ["exploit"]}, {"url": "https://gitlab.com/libtiff/libtiff/-/commit/ed141286a37f6e5ddafb5069347ff5d587e7a4e0", "tags": ["patch"]}, {"url": "http://www.libtiff.org/", "tags": ["product"]}], "descriptions": [{"lang": "en", "value": "A flaw has been found in LibTIFF 4.7.0. This affects the function _TIFFmallocExt/_TIFFCheckRealloc/TIFFHashSetNew/InitCCITTFax3 of the file tools/tiffcmp.c of the component tiffcmp. Executing manipulation can lead to memory leak. The attack is restricted to local execution. The exploit has been published and may be used. This patch is called ed141286a37f6e5ddafb5069347ff5d587e7a4e0. It is best practice to apply a patch to resolve this issue."}, {"lang": "de", "value": "In LibTIFF 4.7.0 ist eine Schwachstelle entdeckt worden. Betroffen davon ist die Funktion _TIFFmallocExt/_TIFFCheckRealloc/TIFFHashSetNew/InitCCITTFax3 der Datei tools/tiffcmp.c der Komponente tiffcmp. Die Bearbeitung verursacht memory leak. Der Angriff muss auf lokaler Ebene erfolgen. Der Exploit ist \u00f6ffentlich verf\u00fcgbar und k\u00f6nnte genutzt werden. Der Patch wird als ed141286a37f6e5ddafb5069347ff5d587e7a4e0 bezeichnet. Es empfiehlt sich, einen Patch einzuspielen, um dieses Problem zu beheben."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-401", "description": "Memory Leak"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-404", "description": "Denial of Service"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2025-08-19T20:02:13.694Z"}}}, "cveMetadata": {"cveId": "CVE-2025-9165", "state": "PUBLISHED", "dateUpdated": "2025-08-26T15:29:01.729Z", "dateReserved": "2025-08-19T13:24:01.463Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2025-08-19T20:02:13.694Z", "assignerShortName": "VulDB"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:libtiff:libtiff:4.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "CC18E9C8-BF8F-412F-88EE-010FDA542285", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw has been found in LibTIFF 4.7.0. This affects the function _TIFFmallocExt/_TIFFCheckRealloc/TIFFHashSetNew/InitCCITTFax3 of the file tools/tiffcmp.c of the component tiffcmp. Executing manipulation can lead to memory leak. The attack is restricted to local execution. The exploit has been published and may be used. This patch is called ed141286a37f6e5ddafb5069347ff5d587e7a4e0. It is best practice to apply a patch to resolve this issue."}, {"lang": "es", "value": "Se ha encontrado una falla en LibTIFF 4.7.0. Esta afecta a la funci\u00f3n _TIFFmallocExt/_TIFFCheckRealloc/TIFFHashSetNew/InitCCITTFax3 del archivo tools/tiffcmp.c del componente tiffcmp. La manipulaci\u00f3n puede provocar una fuga de memoria. El ataque se limita a la ejecuci\u00f3n local. Se ha hecho p\u00fablico el exploit y puede que sea utilizado. Este parche se llama ed141286a37f6e5ddafb5069347ff5d587e7a4e0. Se recomienda aplicar un parche para resolver este problema."}], "id": "CVE-2025-9165", "lastModified": "2025-09-11T16:06:41.283", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 1.7, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 3.1, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 1.4, "source": "cna@vuldb.com", "type": "Secondary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2025-08-19T20:15:37.557", "references": [{"source": "cna@vuldb.com", "tags": ["Product"], "url": "http://www.libtiff.org/"}, {"source": "cna@vuldb.com", "tags": ["Exploit"], "url": "https://drive.google.com/file/d/1FWhmkzksH8-qU0ZM6seBzGNB3aPnX3G8/view?usp=sharing"}, {"source": "cna@vuldb.com", "tags": ["Patch"], "url": "https://gitlab.com/libtiff/libtiff/-/commit/ed141286a37f6e5ddafb5069347ff5d587e7a4e0"}, {"source": "cna@vuldb.com", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"], "url": "https://gitlab.com/libtiff/libtiff/-/issues/728"}, {"source": "cna@vuldb.com", "tags": ["Issue Tracking", "Patch", "Vendor Advisory"], "url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/747"}, {"source": "cna@vuldb.com", "tags": ["Permissions Required", "VDB Entry"], "url": "https://vuldb.com/?ctiid.320543"}, {"source": "cna@vuldb.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/?id.320543"}, {"source": "cna@vuldb.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/?submit.630506"}, {"source": "cna@vuldb.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/?submit.630507"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Exploit", "Vendor Advisory"], "url": "https://gitlab.com/libtiff/libtiff/-/issues/728#note_2709263214"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-401"}, {"lang": "en", "value": "CWE-404"}], "source": "cna@vuldb.com", "type": "Secondary"}]}

{"bugzilla": {"description": "libtiff: LibTIFF memory leak", "id": "2389574", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2389574"}, "csaw": false, "cvss3": {"cvss3_base_score": "3.3", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "status": "draft"}, "cwe": "(CWE-401|CWE-404)", "details": ["No description is available for this CVE."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2025-9165", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "libtiff", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Fix deferred", "package_name": "libtiff", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Fix deferred", "package_name": "compat-libtiff3", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Fix deferred", "package_name": "libtiff", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "compat-libtiff3", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "libtiff", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "mingw-libtiff", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "libtiff", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-08-19T20:02:13Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-9165\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-9165\nhttp://www.libtiff.org/\nhttps://drive.google.com/file/d/1FWhmkzksH8-qU0ZM6seBzGNB3aPnX3G8/view?usp=sharing\nhttps://gitlab.com/libtiff/libtiff/-/commit/ed141286a37f6e5ddafb5069347ff5d587e7a4e0\nhttps://gitlab.com/libtiff/libtiff/-/issues/728\nhttps://gitlab.com/libtiff/libtiff/-/merge_requests/747\nhttps://vuldb.com/?ctiid.320543\nhttps://vuldb.com/?id.320543\nhttps://vuldb.com/?submit.630506\nhttps://vuldb.com/?submit.630507"], "threat_severity": "Low"}